openmm-order-management
Warn
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@3rd-eye-labs/openmmpackage from the npm registry during the installation phase. This package originates from a source that is neither the skill author (qbtlabs) nor a recognized trusted organization. - [CREDENTIALS_UNSAFE]: The skill requires multiple highly sensitive API keys and secrets for financial exchanges (MEXC, Gate.io, Kraken, Bitget) to be provided via environment variables. These credentials provide the agent with direct access to trade and manage funds on these platforms.
- [COMMAND_EXECUTION]: The skill utilizes the
Bash(openmm:*)capability to execute trading commands. This allows the AI agent to place, list, and cancel orders. While documentation includes safety guidelines such as user confirmation, the underlying binary is executed with the provided API credentials. - [PROMPT_INJECTION]: A surface for indirect prompt injection exists because the skill processes data from external exchange APIs (order IDs, ticker symbols, balances).
- Ingestion points: Data retrieved from exchange APIs via
list_ordersandget_balancetools. - Boundary markers: None explicitly defined in the provided instruction files.
- Capability inventory: Subprocess execution via
openmmCLI for trading and account management. - Sanitization: No explicit sanitization or validation of API responses is documented in the skill instructions.
Audit Metadata