ccxt
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates behavioral constraints from the official CCXT FAQ that instruct the agent to refuse assistance for questions that are too short or do not follow specific reporting guidelines, which may override the AI's general helpfulness.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface: 1. Ingestion points: The agent is designed to process user-provided code and verbose exchange logs (request/response data). 2. Boundary markers: No delimiters are provided to isolate untrusted exchange data from the instruction context. 3. Capability inventory: The skill facilitates usage of the CCXT library, which has extensive capabilities including order placement, funds management, and withdrawals across numerous exchanges. 4. Sanitization: No sanitization of external exchange responses is described.
- [EXTERNAL_DOWNLOADS]: The documentation provides official installation commands and links for the CCXT library targeting trusted registries like NPM and PyPI, and its official GitHub repository.
- [COMMAND_EXECUTION]: Reference files include standard command-line instructions for library setup and management (npm, pip, docker, git).
Audit Metadata