find-xemm-opps
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The SKILL.md file contains a command to download and execute a prerequisites check script via bash process substitution from the official hummingbot GitHub repository. This script is used for environment verification and is a vendor-provided resource.
- [CREDENTIALS_UNSAFE]: The find_xemm_opps.py script includes logic to load API authentication credentials from local environment files, such as .env in the home directory or project folder. These credentials (API_USER, API_PASS) are used to authenticate requests to the Hummingbot API.
- [EXTERNAL_DOWNLOADS]: The Python script performs network operations to fetch market data and submit strategy configurations to a Hummingbot API endpoint, defaulting to a local host address. It also fetches connector information and trading rules from the same API service.
Audit Metadata