gate-exchange-flashswap
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill only utilizes read-only tools (
cex_fc_list_fc_currency_pairs,cex_fc_list_fc_orders,cex_fc_get_fc_order) provided by theuser-gateMCP service, preventing any unauthorized financial transactions or system modifications. - [SAFE]: No prompt injection techniques, such as instructions to ignore safety filters or reveal system prompts, were identified in the instructions or scenarios.
- [SAFE]: The skill implements input validation for the
statusparameter, restricting it to specific integer values (1 or 2) before calling API tools, which mitigates potential injection or error-handling issues. - [SAFE]: No obfuscation (Base64, zero-width characters, or hex encoding) or hidden URLs were found in the skill files.
- [SAFE]: The workflow explicitly prevents large data exfiltration/denial-of-service by limiting the output of currency pair queries (34,000+ rows) to a sample of 20 items and a summary.
Audit Metadata