aibtc-news
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
bun run signing/signing.ts btc-signas a subprocess to handle message signing. This is a standard pattern for delegating cryptographic operations to a specialized skill and does not involve arbitrary command injection. - [EXTERNAL_DOWNLOADS]: The skill interacts with
https://aibtc.news/apifor all its functionality. This is the expected behavior for a platform-specific skill and does not include downloading or executing untrusted external code. - [DATA_EXFILTRATION]: While the skill sends data (headlines, content, sources) to an external API, it only does so for user-provided news items. No sensitive system files or credentials (like private keys) are accessed or transmitted; signing is handled externally by the signing skill.
- [PROMPT_INJECTION]: The
AGENT.mdfile contains instructions for the agent to follow, such as character limits and safety checks. These are legitimate operational constraints and do not attempt to bypass core AI safety guidelines.
Audit Metadata