opentrade-newsliquid
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection vulnerability surface. It ingests untrusted market and trade data from external APIs which could be manipulated to influence agent behavior.
- Ingestion points: The skill retrieves market metadata, real-time tickers, and historical trade data via GET requests to the Newsliquid gateway (SKILL.md).
- Boundary markers: There are no specific instructions or delimiters provided to ensure the agent ignores potential commands embedded in the retrieved API data.
- Capability inventory: The skill possesses high-impact financial capabilities, including placing and editing limit/market orders, setting leverage, and managing exchange account configurations.
- Sanitization: No explicit validation or sanitization logic for the API response content is defined in the instructions.
- [COMMAND_EXECUTION]: The skill uses curl commands to interact with the vendor's API at ai.6551.io. These commands are necessary for its primary function and transmit user-provided authentication tokens to the vendor's infrastructure.
Audit Metadata