htx/spot-market
Fail
Audited by Gen Agent Trust Hub on Jun 8, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation provides an installation command that downloads a shell script (
install.sh) from the official HTX Exchange GitHub repository and pipes it directly to the bash interpreter for execution. - [COMMAND_EXECUTION]: The instructions direct the AI agent to use a CLI tool named
htx-clito perform various market data queries such as fetching tickers, klines, and order book depth. - [EXTERNAL_DOWNLOADS]: The skill fetches installation scripts and references documentation from external sources, specifically the
htx-exchangeandhuobiapiGitHub organizations. - [PROMPT_INJECTION]: The skill processes external market data (e.g., price tickers and trade history) which are ingested into the agent's context. This represents a potential surface for indirect prompt injection, although the risk is limited by the structured numeric nature of the data.
- Ingestion points: Command output from
htx-cli(e.g.,tickers,market-detail-merged) cited in the examples. - Boundary markers: None identified in the provided instructions.
- Capability inventory: Shell command execution via the
htx-clitool. - Sanitization: No sanitization or validation of the API output is described.
Recommendations
- HIGH: Downloads and executes remote code from: https://github.com/htx-exchange/htx-skills-hub/releases/latest/download/install.sh - DO NOT USE without thorough review
Audit Metadata