coingecko-api
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to fetch market data from the official CoinGecko API. All network operations are directed to well-known and trusted domains (api.coingecko.com and pro-api.coingecko.com).
- [SAFE]: Credential management follows best practices by retrieving the API key from environment variables (
COINGECKO_API_KEY) rather than using hardcoded values. No sensitive local files are accessed or exposed. - [SAFE]: The Python scripts (
scripts/fetch_market_data.pyandscripts/historical_analysis.py) use standard, well-maintained libraries for data processing and networking (httpx,pandas,numpy). No instances of dynamic code execution, obfuscation, or persistence mechanisms were found. - [SAFE]: The skill includes robust error handling and rate-limiting logic with exponential backoff, which is appropriate for interacting with public APIs.
Audit Metadata