crypto-trading-bots
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill instructions are focused on domain expertise and do not attempt to bypass agent safety filters or override system constraints.\n- [Data Exposure & Exfiltration] (SAFE): No access to sensitive local files (e.g., .ssh, .aws) or unauthorized network exfiltration logic was found. The skill explicitly includes validations in 'references/validations.md' to detect and prevent private key exposure in user code.\n- [Indirect Prompt Injection] (SAFE): 1. Ingestion points: User requests for trading strategies in SKILL.md context. 2. Boundary markers: Absent. 3. Capability inventory: Generates text-based code templates from static reference files; no script execution, file-writing, or network-sending capabilities are present in the skill scripts. 4. Sanitization: Absent. The risk is SAFE given the limited capability of the skill to text generation only.\n- [Unverifiable Dependencies] (SAFE): The provided code snippets reference industry-standard, reputable libraries such as 'ethers' and '@flashbots/ethers-provider-bundle'.
Audit Metadata