etsy-api
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The
fetch_openapi_spec.pyscript downloads the Etsy OpenAPI specification fromwww.etsy.com. This is a trusted source and the data is used strictly for documentation and reference purposes. - [COMMAND_EXECUTION] (SAFE): The skill includes several Python helper scripts (
etsy_cli.py,oauth_pkce.py,webhook_verify.py) designed to be executed by the agent. These scripts are standard utility wrappers for API interaction and do not contain malicious code or arbitrary command execution vulnerabilities. - [CREDENTIALS_UNSAFE] (SAFE): No hardcoded API keys, secrets, or tokens were found. The skill correctly instructs the agent to use environment variables for all sensitive authentication data.
- [DATA_EXFILTRATION] (SAFE): Data transmission is limited to official Etsy API endpoints (
api.etsy.com). No patterns indicating unauthorized data exfiltration to third-party servers were detected.
Audit Metadata