spot
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill is designed to handle sensitive KuCoin API credentials (API Key, Secret Key, and Passphrase). It includes specific behavioral instructions for the agent to ensure these secrets are never disclosed in full and are stored securely using user-provided files.
- The skill mandates masking for all secret components when displayed to the user.
- It explicitly prohibits sending credentials to any domain other than the official KuCoin Mainnet.
- [COMMAND_EXECUTION]: The authentication documentation includes shell script examples that utilize
curlandopensslfor signing requests and interacting with the API. These commands are standard instructional components for developers and agents to authenticate correctly with the vendor's service. - [EXTERNAL_DOWNLOADS]: The skill performs network operations exclusively to official KuCoin API endpoints (
api.kucoin.comandapi-futures.kucoin.com). These are verified vendor resources necessary for the skill's primary function of spot trading and market data retrieval.
Audit Metadata