blofin-risk-manager
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily instructional and provides logic for financial risk calculations. No malicious code, obfuscation, or data exfiltration patterns were detected.
- [CREDENTIALS_UNSAFE]: The skill requires sensitive environment variables (BLOFIN_API_KEY, BLOFIN_API_SECRET, BLOFIN_PASSPHRASE) for its operation. These are documented correctly and use the standard environment variable injection mechanism rather than hardcoding secrets.
- [COMMAND_EXECUTION]: The skill specifies a requirement for the 'node' binary. This is a standard runtime requirement for many agent skills and does not pose an inherent risk in the context of the provided instructions.
- [EXTERNAL_DOWNLOADS]: No external script downloads or unverified dependency installations were identified in the analyzed content.
- [DATA_EXFILTRATION]: All data operations (fetching balances, positions, and prices) are consistent with the skill's stated purpose of managing BloFin trading accounts. No unauthorized network calls to third-party domains were found.
Audit Metadata