skills/coinmarketcap-official/skills-for-ai-agents-by-coinmarketcap/cmc-api-market/Gen Agent Trust Hub
cmc-api-market
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown files providing API documentation and usage examples. There are no scripts, binaries, or configuration files that execute logic within the agent's environment.
- [SAFE]: All referenced URLs point to the official infrastructure of CoinMarketCap (pro-api.coinmarketcap.com). Examples for authentication use safe placeholders (e.g., 'your-api-key') and link to the official login portal, preventing credential exposure.
- [PROMPT_INJECTION]: The documentation describes endpoints for retrieving community-generated content and news articles. This constitutes a potential indirect prompt injection surface common to data-aggregation skills. However, as this is a reference-only skill for a well-known service, the risk is inherent to the data source rather than the skill's implementation.
- Ingestion points: references/content.md and references/community.md (endpoints for news, community posts, and trending topics).
- Boundary markers: Not present (documentation only).
- Capability inventory: Allowed tools include Bash and Read.
- Sanitization: Not applicable as no code is provided to process the data.
Audit Metadata