aicoin-market
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
- [CREDENTIALS_UNSAFE]:
- The file
lib/defaults.jsoncontains a hardcodedaccessKeyIdandaccessSecret. These are documented as a public, free-tier key pair provided by the vendor to facilitate zero-configuration access to basic API features. - [DATA_EXPOSURE]:
- The
api_key_infoaction inscripts/coin.mjsreads the local.envfile to check the configuration status and displays a truncated preview of the API key to the user. - [PROMPT_INJECTION]:
- Ingestion points: Untrusted external data from Twitter/X and news flash items are ingested through
scripts/twitter.mjs,scripts/news.mjs, andscripts/newsflash.mjs. - Boundary markers: The instructions do not define specific delimiters or instructional guardrails to prevent the agent from following commands embedded in the retrieved market data or social media content.
- Capability inventory: The skill includes the capability to write to local configuration files (
.env) via theupdate_keycommand inscripts/coin.mjsand performs authenticated network requests to the vendor API. - Sanitization: Scripts perform basic data normalization (such as XML entity decoding in
scripts/news.mjs) but do not implement filtering or sanitization specifically designed to block natural language instructions within the processed data.
Audit Metadata