analyzing-options-flow
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, NO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (options_flow.py) via the Bash tool to process exchange data. This is standard functionality for an options tracking tool.
- [CREDENTIALS_UNSAFE]: The skill instructions (SKILL.md) direct the agent to read API keys from a local environment file (crypto-apis.env). While accessing credentials involves sensitive data, storing them in a dedicated config file is consistent with standard secret management practices.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted market data from Deribit, OKX, and Bybit APIs. It lacks explicit boundary markers or evidence of input sanitization, creating an attack surface where poisoned market data could potentially influence agent actions.
  * Ingestion points: Market data retrieval from Deribit, OKX, and Bybit (SKILL.md).
  * Boundary markers: Absent.
  * Capability inventory: Bash, Write, and Read tools (SKILL.md).
  * Sanitization: No validation or sanitization of external API data is described.
- [NO_CODE]: The skill references a primary Python script (options_flow.py) in its instructions and examples, but this script is not included in the provided files.
- [SAFE]: No evidence of data exfiltration, obfuscation, or malicious persistence was found. The external services referenced (Deribit, Laevitas, Greeks.live) are well-known services in the cryptocurrency industry.
Audit Metadata