upbit
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the official Upbit CLI tool (
@upbit-official/upbit-cli) from the NPM registry and queries a well-known IP discovery service (api.ipify.org) during setup. - [COMMAND_EXECUTION]: Executes the
upbitCLI binary to perform market data queries and account operations. All execution patterns are consistent with the skill's documented purpose. - [SAFE]: Implements a human-in-the-loop safety rule requiring the user to type
CONFIRMbefore any write operations (orders, withdrawals, or deposits) are executed. - [SAFE]: Uses standard local configuration files (
~/.upbit/config) and environment variables for API key management, correctly advising users on how to handle sensitive credentials without hardcoding them.
Audit Metadata