coinbase-cdp-connector

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx to download and run the @coinbase/cdp-cli package. This is an official tool provided by Coinbase, a well-known financial services organization.
  • [COMMAND_EXECUTION]: The skill performs shell command execution through the cdp CLI to manage wallets, check accounts, and interact with the Base Sepolia testnet faucet.
  • [PROMPT_INJECTION]: The skill functions as an execution layer for orders generated by other agent components (such as a crypto daytrading agent), which creates an indirect prompt injection surface where external data could influence trading actions.
  • Ingestion points: Processes Order objects containing strategy_ref metadata from upstream agents in SKILL.md.
  • Boundary markers: The documentation references an immutable audit log to record operations.
  • Capability inventory: Order execution, wallet management, and onchain payment operations via the CDP CLI.
  • Sanitization: Incorporates deterministic hard caps in connectors/hard_caps.py that operate outside the LLM's influence and requires a date-matched CONFIRM_LIVE variable for live execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 08:08 AM
Security Audit — agent-trust-hub — coinbase-cdp-connector