currency-hedging-management
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes well-known and trusted financial services and APIs, including Shopify, Stripe, PayPal, Wise, and Open Exchange Rates, which are appropriate for the tool's intended purpose.
- [SAFE]: Best practices for credential management are explicitly followed; the service implementation instructions mandate reading API keys from environment variables rather than hardcoding them.
- [SAFE]: The skill includes a data ingestion surface for processing order data as part of its financial logic. This surface is standard for the described functionality and presents no inherent security risk:
- Ingestion points: Foreign currency order data is processed within the
exposure-tracker.jsmodule. - Boundary markers: Not explicitly required in the code generation tasks, which is standard for internal business logic implementations.
- Capability inventory: The generated logic involves standard database operations via the Prisma ORM to track exposures and revaluations.
- Sanitization: The skill focuses on financial arithmetic and data persistence using structured ORM calls, which naturally mitigates common injection risks in the generated code.
Audit Metadata