aicoin-hyperliquid
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as intended for market data retrieval without any malicious behavior detected.
- [CREDENTIALS_UNSAFE]: The file
lib/defaults.jsoncontains hardcoded API credentials. These are identified as public free-tier keys provided by the vendoraicoincomto enable out-of-the-box functionality for the skill, which is a safe practice for this use case. - [EXTERNAL_DOWNLOADS]: Network requests are made to
https://open.aicoin.com. This is the official and well-known API endpoint for the vendor's services, matching the skill's purpose. - [DATA_EXFILTRATION]: Credential management is performed locally by reading
.envfiles, and no evidence of unauthorized data exfiltration was found.
Audit Metadata