Skills
skills/coinmarketcap-official/skills-for-ai-agents-by-coinmarketcap/cmc-api-crypto/Snyk

cmc-api-crypto

Fail

Audited by Snyk on Mar 3, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill's examples show curl commands that place the API key directly in request headers (e.g., -H "X-CMC_PRO_API_KEY: your-api-key"), which implies the agent would need to embed a user's API key verbatim into generated commands/requests.
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 3, 2026, 06:14 AM