analyzing-options-flow

Warn

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructions direct the agent to load API credentials from a sensitive file path at {baseDir}/config/crypto-apis.env, exposing secrets to the agent context.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool with the crypto:options-* wildcard, enabling local command execution for data querying.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external blockchain RPC endpoints and exchange APIs, creating an indirect prompt injection surface.
      • Ingestion points: External crypto market APIs, blockchain transaction data, and exchange order books are read into the agent context.
      • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the processing logic.
      • Capability inventory: The agent has access to Bash, Write, and Edit tools, allowing for significant system impact if malicious instructions are encountered in the data.
      • Sanitization: The implementation guide does not specify any sanitization or validation steps for data retrieved from remote blockchain or exchange sources.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 27, 2026, 03:35 PM