Skills
skills/holon-run/uxc/bybit-openapi-skill/Gen Agent Trust Hub

bybit-openapi-skill

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed for read-only access to public financial market data (server time, tickers, order books, klines). It explicitly avoids private endpoints and trading operations.
  • [EXTERNAL_DOWNLOADS]: The skill fetches an OpenAPI schema from a public GitHub repository. This is a legitimate configuration download used to define the API interface for the uxc tool.
  • [COMMAND_EXECUTION]: The skill uses the uxc CLI to perform network requests. All commands are structured around specific GET operations defined in the OpenAPI schema, minimizing the risk of arbitrary command injection.
  • [SAFE]: Includes a validation script (scripts/validate.sh) that enforces development best practices and ensures that security-related documentation (like the read-only guardrail) is present in the skill files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 03:14 AM
Security Audit — agent-trust-hub — bybit-openapi-skill