cryptocurrency-trader
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches real-time market data from well-known cryptocurrency exchanges including Binance, Coinbase, and Kraken via the CCXT library. These are established technology services and are considered trusted sources for the purpose of market analysis.
- [SAFE]: The skill implements advanced data validation in
scripts/advanced_validation.py, including structural checks, price logic verification, and statistical anomaly detection (Benford's Law and Z-scores) to ensure the authenticity of incoming market data and prevent hallucinations. - [SAFE]: Credential management in
llm_trading_assistant.pyfollows standard practices by retrieving OpenAI and Anthropic API keys from environment variables or direct user input for local processing. There is no evidence of these keys being transmitted to unauthorized third-party domains. - [SAFE]: A surface for indirect prompt injection exists in
llm_trading_assistant.pywhere market data summaries are interpolated into prompts. However, this is assessed as safe because the assistant lacks dangerous capabilities such as direct command execution or filesystem write access reachable via the LLM's output.
Audit Metadata