binance-web3-openapi-skill
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads an OpenAPI specification from the author's GitHub repository (holon-run) to configure API mapping and command execution.
- [COMMAND_EXECUTION]: The skill relies on the uxc command-line utility to execute API requests and handle responses based on the provided schema.
- [PROMPT_INJECTION]: The skill ingests data from external Binance API endpoints which creates a surface for indirect prompt injection.
- Ingestion points: API responses from web3.binance.com containing token metadata, search results, and rankings.
- Boundary markers: Absent; the instructions do not implement delimiters or safety prompts to isolate external data.
- Capability inventory: Execution of network requests and command-line operations via uxc (SKILL.md, usage-patterns.md) and standard utilities like rg and jq (scripts/validate.sh).
- Sanitization: Absent; no validation or escaping of external content is performed before the data is presented to the agent.
Audit Metadata