htx-elite-positioning

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The instructions in SKILL.md direct the agent to construct shell commands for the htx-cli binary by interpolating user-supplied values like contract_code and period into the command line. This creates a potential for command injection if the agent does not properly validate or sanitize the input before execution.
  • [EXTERNAL_DOWNLOADS]: The skill requires the htx-cli tool to be pre-installed and includes an entry point in package.json (bin/install.js) that references an installation script. These resources are provided by the vendor htx-exchange and are necessary for the skill's operation.
  • [PROMPT_INJECTION]: The skill retrieves and processes data from external HTX API endpoints, which creates an indirect prompt injection surface. Malicious data returned by the API could attempt to influence agent behavior, although the risk is low due to the expected numerical and structured nature of the data.
  • Ingestion points: API response data retrieved via htx-cli (referenced in SKILL.md).
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt templates.
  • Capability inventory: The skill possesses the capability to execute the htx-cli binary on the host system.
  • Sanitization: No sanitization or validation logic is specified for the external data inputs or the API outputs.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 08:49 PM
Security Audit — agent-trust-hub — htx-elite-positioning