ccxt-ts-transpilation
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, PROMPT_INJECTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The instruction to run 'git config core.hooksPath .git-templates/hooks' in the setup checklist of 'SKILL.md' and the 'CI/CD Workflow' in 'references/build-test.md' redirects Git hooks to a directory within the repository.
  - Evidence: The command 'git config core.hooksPath .git-templates/hooks' is explicitly recommended for first-time setup.
  - Risk: This allows the repository to define arbitrary scripts (e.g., 'pre-commit') that execute automatically with the user's privileges during standard Git operations, providing a reliable vector for persistence and RCE.
- [PROMPT_INJECTION] (HIGH): The skill defines a workflow for generating and testing exchange integration code based on external API specifications.
  - Ingestion points: External API documentation and 'ts/src/abstract/' definition files used for 'emitAPI'.
  - Boundary markers: None; the skill relies on manual pattern matching without explicit delimiters or instructions to ignore embedded commands in the source data.
  - Capability inventory: 'npm run build', 'node run-tests.js', and write access to the exchange implementation source code.
  - Sanitization: None identified in the provided documentation or logic.
  - Risk: A maliciously crafted API specification could contain instructions that trick an agent into injecting backdoors into the generated code or executing malicious commands during the build and test phase.
- [COMMAND_EXECUTION] (MEDIUM): The skill relies on the execution of multiple build and test commands that interface with the local environment.
  - Evidence: Extensive use of 'npm run', 'node run-tests.js', and transpilation scripts documented in 'references/build-test.md'.
  - Risk: These commands provide the necessary capability for an attacker to leverage the identified injection and persistence vectors.
- [CREDENTIALS_UNSAFE] (LOW): The documentation identifies specific local files used for storing highly sensitive exchange credentials.
  - Evidence: 'references/build-test.md' specifies the structure of 'keys.json' containing 'apiKey', 'secret', and 'password'.
  - Risk: Documenting the precise location and schema of credentials makes them a predictable target for exfiltration by other malicious skills or scripts.
Recommendations
- AI detected serious security threats