Skills
skills/coinmarketcap-official/skills-for-ai-agents-by-coinmarketcap/cmc-api-dex/Snyk

cmc-api-dex

Warn

Audited by Snyk on Mar 3, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill instructs the agent to call CoinMarketCap's public DEX API (e.g., pro-api.coinmarketcap.com endpoints such as /v1/dex/search, /v1/dex/tokens/trending/list, /v1/dex/tokens/transactions, and /v1/dex/security/detail) to fetch public, user/project-provided token data and social signals which the workflow explicitly uses to make security/trading decisions, so untrusted third‑party content can materially influence agent actions.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 3, 2026, 06:14 AM