fiat
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to store Binance API keys and secrets in a local documentation file (TOOLS.md). While it specifies masking rules for displaying these to the user, storage in a plain-text markdown file is a risk for credential exposure.
- [COMMAND_EXECUTION]: To authenticate and communicate with the Binance API, the skill describes the execution of system commands like openssl for signing and curl for network requests.
- [EXTERNAL_DOWNLOADS]: The skill interacts with the official api.binance.com service to perform fiat operations. This is documented as a standard operation for this vendor.
- [PROMPT_INJECTION]: An indirect prompt injection surface is present due to the handling of external data. 1. Ingestion points: Credential files uploaded by users and data returned from Binance API endpoints. 2. Boundary markers: No specific delimiters or instructions to ignore instructions within the ingested data were found. 3. Capability inventory: The skill possesses the capability to perform network requests (curl) and local file writes (TOOLS.md). 4. Sanitization: The instructions do not define validation or sanitization steps for the data retrieved from external sources or user files.
Audit Metadata