htx/futures-account
Fail
Audited by Snyk on Jun 8, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). Suspicious: it's a direct .sh installer served from a GitHub release of an unverified/unknown account and the skill explicitly instructs piping the script to bash — a high‑risk distribution pattern that can deliver malware.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill's Installation step runs remote code via curl -fsSL https://github.com/htx-exchange/htx-skills-hub/releases/latest/download/install.sh | bash, which executes fetched content and is required to install/run the skill, so it directly executes external code.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is a specific crypto-derivatives account API (USDT-M perpetual futures) and includes explicit write endpoints that perform financial actions: /v1/swap_master_sub_transfer (master↔sub transfers), /v1/swap_sub_auth, /v3/swap_switch_account_type (change account type), and /v3/swap_switch_position_mode (switch position mode). These are not generic helpers — they are targeted exchange operations that can move or reallocate funds or change trading/account state. Therefore it grants direct financial execution capability.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt tells the user to run a remote install script via "curl ... | bash", which instructs executing code that modifies the host system (and may require elevated privileges), so it encourages changing the machine's state.
Issues (4)
E005
CRITICALSuspicious download URL detected in skill instructions.
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata