Skills
skills/covalenthq/goldrush-agent-skills/goldrush-cli/Gen Agent Trust Hub

goldrush-cli

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes @covalenthq/goldrush-cli via npx, which fetches and executes the CLI tool from the official vendor namespace on the NPM registry.
  • [COMMAND_EXECUTION]: The skill's primary functionality is delivered through terminal commands such as goldrush balances and goldrush watch. The goldrush install command automates the modification of local configuration files to register the tool as an MCP server for AI agents.
  • [CREDENTIALS_UNSAFE]: The skill implements secure authentication via the goldrush auth command, which stores API keys in the operating system's secure keychain rather than in environment variables or configuration files, adhering to security best practices.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 07:39 PM