siwa
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Credential Management: The skill uses environment variables for sensitive API keys and HMAC secrets, adhering to security best practices and preventing accidental credential leaks.
- [SAFE]: Network Communication: External requests are restricted to the vendor's official API (api.bankr.bot) and the agent's authentication server, which are necessary for the skill's functionality.
- [SAFE]: Code Safety: The provided code snippets demonstrate standard authentication flows, including the use of nonces and signed receipts, without any evidence of command execution, obfuscation, or persistence mechanisms.
- [SAFE]: Dependency Integrity: The skill utilizes legitimate, versioned packages from the official npm registry for its core functions.
Audit Metadata