crypto-trading-logger
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation references the author's GitHub repository for installation and additional resources. This is a standard vendor-provided link and is considered safe.\n- [COMMAND_EXECUTION]: The skill includes a bash script (
scripts/log_trade.sh) that performs file system operations such as directory creation and appending text to files. These actions are consistent with the skill's purpose as a logging tool.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its data ingestion behavior.\n - Ingestion points: Trading observations and results are passed as positional arguments to the logging script.\n
- Boundary markers: None; data is written directly to markdown sections.\n
- Capability inventory: The script is capable of directory creation and local file-write operations.\n
- Sanitization: Input data is not sanitized or escaped before being recorded to the log files. This surface is noted as a risk factor but no malicious intent was found.
Audit Metadata