ave-trade-chain-wallet
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is to facilitate cryptocurrency trading where the user maintains control of their private keys.
- [CREDENTIALS_UNSAFE]: While the skill references sensitive environment variables like
AVE_EVM_PRIVATE_KEYandAVE_MNEMONIC, these are documented as local requirements for transaction signing. No hardcoded secrets or evidence of key exfiltration were found. - [EXTERNAL_DOWNLOADS]: The skill mentions
pip install -r scripts/requirements.txtfor setup. While the content ofrequirements.txtwas not provided, the described dependencies (eth-account,solders) are standard libraries for blockchain interactions. - [DATA_EXFILTRATION]: Network operations are directed to
bot-api.ave.ai, which is the official API endpoint for the service described in the skill's metadata. No suspicious third-party domains were found. - [PROMPT_INJECTION]: The instructions provide clear boundaries for the agent (e.g., 'DO NOT use this skill for...') and follow standard operational procedures without attempting to bypass safety filters.
Audit Metadata