bybit-account
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python scripts (
bybit_account.py,account_scenarios.py) for querying account data via a CLI interface. The scripts perform standard API interactions without unsafe command construction. - [CREDENTIALS_UNSAFE]: Hardcoded credentials (
hk:x) are present within the internal proxy URL (http://hk:x@sc-vpn.internal:8080). These appear to be standard configuration for the author's internal infrastructure and do not represent a compromise of user secrets. - [DATA_EXFILTRATION]: The skill accesses financial data from Bybit but does so using user-provided environment variables (
BYBIT_RO_API_KEY,BYBIT_RO_SECRET). The data is returned directly to the agent's context for the user. No unauthorized external data transmission was detected. - [EXTERNAL_DOWNLOADS]: The skill depends on the well-known libraries
pybitandpython-dotenv, which are installed via standard package managers.
Audit Metadata