square-post
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes user-provided text.
- Ingestion points: Untrusted data enters via the `input.text` field in `SKILL.md`.
- Boundary markers: Absent; user input is not enclosed in delimiters to prevent instruction leakage.
- Capability inventory: Performs network POST requests to Binance API through the skill-router configuration.
- Sanitization: No input validation or sanitization is performed on the user content before submission.
- [SAFE]: Implements secure credential management. The skill uses an `agent-secrets.yaml` configuration to define a slot for the Binance Square OpenAPI key, ensuring secrets are managed by the platform rather than hardcoded.
- [SAFE]: Network activity is restricted to well-known domains. The skill communicates with official Binance endpoints (`www.binance.com`), which is consistent with its stated purpose.