analyzing-options-flow

Warn

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: MEDIUM (CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION)
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to read the file {baseDir}/config/crypto-apis.env which is stated to contain API credentials. This access method exposes sensitive secrets directly into the agent's conversation context.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash(crypto:options-*) tool to execute market data queries. Executing shell commands based on external data inputs necessitates careful oversight.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through external data ingestion.
      • Ingestion points: Market data APIs (e.g., CoinGecko) and blockchain RPC endpoints (e.g., Infura, Alchemy) as specified in SKILL.md and references/implementation.md.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing instructions.
      • Capability inventory: The skill has access to Bash, Write, and Edit tools, allowing for system-level actions based on processed data.
      • Sanitization: No data validation or sanitization steps are defined before the agent processes or reports on the retrieved external content.
  • [DATA_EXFILTRATION]: The skill performs network operations to external cryptocurrency exchanges and market data providers to retrieve trade history and order books.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 17, 2026, 10:33 PM