bingx-announcement
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: Retrieves public announcement data from official domains open-api.bingx.com and open-api.bingx.pro. These are recognized vendor-owned resources and do not represent unauthorized exfiltration.
- [PROMPT_INJECTION]: The skill processes external content from the BingX API, which constitutes an indirect injection surface. Ingestion points: API response content defined in api-reference.md. Boundary markers: None explicitly defined. Capability inventory: Network requests via fetch tool. Sanitization: The agent is instructed to summarize key fields rather than return raw external content.
- [SAFE]: Implements secure parameter handling by requiring the agent to validate all inputs against documented enums and reject special characters, reducing the risk of direct injection.
Audit Metadata