spot
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides bash script templates using curl and openssl to perform authenticated requests. These operations are conducted against official Binance domains (api.binance.com, testnet.binance.vision) for the purpose of trade execution and account management.
- [CREDENTIALS_UNSAFE]: The skill handles sensitive financial credentials. It implements security protocols instructing the agent to mask secret keys in any user-facing output and to store keys in a local configuration file.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface.
- Ingestion points: Processes external data from Binance API responses and user-provided credential files.
- Boundary markers: There are no explicit delimiters defined to isolate external data from the agent's internal instruction stream.
- Capability inventory: Includes network communication and local cryptographic signing via bash scripts.
- Sanitization: Incorporates credential masking and a mandatory user confirmation step ('CONFIRM') for transactions on the mainnet.
Audit Metadata