blofin-setup
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the blofin-mcp package from the npm registry and provides a placeholder repository for cloning the source code. These are standard procedures for installing vendor-provided software.
- [CREDENTIALS_UNSAFE]: The guide details the configuration of sensitive API keys, secrets, and passphrases. It correctly uses placeholders like 'your-api-key' for documentation purposes and explicitly recommends security measures such as IP whitelisting and permission minimization to protect user accounts.
Audit Metadata