@5400/trading-bot-create

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill implements secure credential management by instructing users to utilize a .env file for sensitive information like TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID, explicitly warning against pasting keys directly into the interface.
  • [COMMAND_EXECUTION]: Provides standard deployment commands for local execution and Docker containerization. The commands reference local assets (e.g., assets/run_one_shot.sh) intended for the bot's operation.
  • [EXTERNAL_DOWNLOADS]: The engine interacts with the MEXC cryptocurrency exchange API for market data and requires the standard brotli package for data decompression, which is routine for this use case.
  • [DATA_EXFILTRATION]: No evidence of data exfiltration. The skill is designed to send alerts to a user-defined Telegram bot and serve a local dashboard.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 03:52 AM
Security Audit — agent-trust-hub — @5400/trading-bot-create