arbiscan
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues or malicious patterns were detected in the skill's instructions or scripts.
- [DATA_EXFILTRATION]: The skill interacts solely with public, well-known cryptocurrency exchange APIs (Binance, OKX, Bybit, Bitget) to retrieve market data. It does not access or transmit sensitive local information, credentials, or environment variables.
- [PROMPT_INJECTION]: The skill processes external market data, presenting a surface for indirect prompt injection. However, the data is primarily numerical and the skill lacks capabilities for file modification or trade execution.
- Ingestion points: Market data from exchange API endpoints defined in fetcher.py.
- Boundary markers: None explicitly defined for API data presentation.
- Capability inventory: Limited to read-only network requests; no trade execution or system modification tools are available.
- Sanitization: Data is parsed as structured JSON and typically converted to float values for analysis.
Audit Metadata