opentrade-token
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads installation and update scripts from the vendor's official GitHub repository at github.com/6551Team/openskills.
- [COMMAND_EXECUTION]: It executes the opentrade CLI and standard system utilities (curl, cat, date, sh) to manage the environment and retrieve token data.
- [CREDENTIALS_UNSAFE]: The skill uses a local .env file for API authentication and provides explicit instructions to the agent to prevent credential leakage in logs or version control.
- [PROMPT_INJECTION]: The skill processes structured data from external API endpoints, which constitutes a potential surface for indirect prompt injection if the source data is manipulated.
Audit Metadata