account-management
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the official
grvt-pysdkfor interacting with the GRVT exchange API. All API calls target legitimate GRVT endpoints (edge.grvt.io and edge.testnet.grvt.io). - [SAFE]: Authentication is handled via environment variables (
GRVT_TRADING_API_KEY,GRVT_TRADING_PRIVATE_KEY), which is a standard and secure practice for API-based tools. The skill provides clear instructions on where users can generate these keys on the official GRVT website. - [SAFE]: The code implements a simple .env loader to manage credentials locally, which is a common developer pattern and does not involve any external data exfiltration or unauthorized file access.
- [SAFE]: Network operations are limited to authenticated requests to GRVT's API for account management tasks (checking balances, positions, and history), which aligns with the skill's stated purpose.
Audit Metadata