pandas-ta
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes standard Python packages including
pandas-ta,pandas,numpy, andhttpxfor data processing and API interaction. - [EXTERNAL_DOWNLOADS]: Market data is fetched from the Birdeye API (
public-api.birdeye.so), which is a well-known service for cryptocurrency OHLCV data. - [DATA_EXFILTRATION]: No sensitive data exposure detected. The scripts use environment variables for API keys and restrict network communication to the official provider domain.
- [PROMPT_INJECTION]: The skill processes structured OHLCV data from an external API, creating a theoretical surface for indirect prompt injection.
- Ingestion points: Data enters via the
fetch_ohlcv_birdeyefunction in the provided scripts. - Boundary markers: Not explicitly required as the data is used for numeric calculation rather than direct prompt construction.
- Capability inventory: Data is processed using mathematical operations; no dangerous sinks such as
eval,exec, orsubprocessare used with external inputs. - Sanitization: API responses are parsed for specific keys and explicitly cast to floating-point numbers (
.astype(float)), which sanitizes the input stream by removing non-numeric content. - [SAFE]: All core functionality is implemented using standard data science practices, and the code does not perform privileged operations or include persistence mechanisms.
Audit Metadata