gate-exchange-coupon
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the 'gate-cli' binary from the official Gate Exchange GitHub repository (github.com/gate/gate-cli). This is a well-known service and the download is verified using checksums.
- [COMMAND_EXECUTION]: The skill executes 'gate-cli' commands to fetch coupon data. The commands are restricted to read-only query operations ('cex coupon list', 'cex coupon detail').
- [DATA_EXFILTRATION]: No evidence of data exfiltration was found. The skill specifically warns against pasting API secrets into the chat and uses environment variables or local configuration for authentication.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by instructing users to manage API keys through 'gate-cli config init' or environment variables rather than hardcoding them or requesting them in plain text.
- [REMOTE_CODE_EXECUTION]: The skill does not execute arbitrary remote code. It only runs a specific, version-controlled CLI tool from a trusted source.
Audit Metadata