aicoin-exchange-trading

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill relies on the 'ccxt' package from the npm registry. This is an industry-standard, well-known, and trusted library for cryptocurrency exchange integration.
  • [COMMAND_EXECUTION]: The script provides the capability to execute financial commands, such as placing or cancelling orders and transferring funds between accounts. These actions are consistent with the skill's intended purpose as a trading tool.
  • [CREDENTIALS_UNSAFE]: The skill handles sensitive exchange API keys and secrets via environment variables. This follows best practices for credential management in agentic environments, and the provided documentation correctly uses 'xxx' placeholders to prevent accidental exposure.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it ingests data from external cryptocurrency exchanges that could be manipulated by third parties.
      1. Ingestion points: Market tickers, order books, and trade history are fetched in 'scripts/exchange.mjs' via public API actions.
      2. Boundary markers: No specific delimiters are used to isolate the fetched market data from the agent's internal instructions.
      3. Capability inventory: The skill possesses high-impact financial capabilities including 'create_order' and 'transfer'.
      4. Sanitization: Market data is returned to the agent without filtering or content validation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 2, 2026, 01:44 PM