binance-spot-openapi-skill
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or obfuscation techniques were found in any of the skill's components.
- [EXTERNAL_DOWNLOADS]: The skill correctly fetches its curated OpenAPI schema from the author's official repository (holon-run/uxc). These downloads are restricted to well-known vendor resources and are used purely for configuration.
- [COMMAND_EXECUTION]: The documentation provides standard CLI commands for the
uxctool to facilitate API linking and authentication setup. No unauthorized or hidden command execution patterns were identified. - [CREDENTIALS_UNSAFE]: The skill documentation properly handles sensitive authentication material by advising users to use environment variables or secure secret management tools like 1Password, avoiding any hardcoded secrets in the code or examples.
Audit Metadata