htx-spot-trading
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to interact with the HTX exchange by executing the
htx-clitool for order management and margin operations. - [SAFE]: The skill implements a robust human-in-the-loop safety model, explicitly instructing the agent to present transaction summaries (including symbol, side, amount, and estimated cost) and wait for user confirmation before executing any write operations.
- [SAFE]: No hardcoded credentials or sensitive data exposure patterns were detected; the skill relies on an external configuration process for API keys and correctly advises users to limit key permissions.
- [SAFE]: The installation script (
bin/install.js) performs standard local file system operations to deploy the skill files and does not contain any remote code execution or obfuscated logic. - [SAFE]: While the skill processes user trading instructions (Category 8 surface), the risk is well-mitigated by required boundary markers and the mandatory confirmation flow defined in the instructions.
Audit Metadata