Skills
skills/bitmartexchange/bitmart-skills/bitmart-exchange-spot/Gen Agent Trust Hub

bitmart-exchange-spot

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFEPROMPT_INJECTIONCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill interacts with external market data from the BitMart API, which creates a surface for potential indirect prompt injection. This risk is mitigated by the structured nature of the API interactions and the requirement for explicit user confirmation before executing any transactions or WRITE operations.
  • [CREDENTIALS_UNSAFE]: The skill provides instructions for the agent to access and use API credentials including the API Key, Secret, and Memo from environment variables or a local configuration file at ~/.bitmart/config.toml. It includes best-practice instructions to mask these credentials when displaying them to the user.
  • [COMMAND_EXECUTION]: The documentation includes examples of using system tools such as curl and openssl to interact with the BitMart API. These commands are used to fetch market data and submit authenticated trading requests to the official BitMart API endpoints.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 12:48 PM