Skills
skills/leoyeai/openclaw-master-skills/coingecko-openapi-skill/Gen Agent Trust Hub

coingecko-openapi-skill

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill is designed with read-only guardrails for market data access.
  • [EXTERNAL_DOWNLOADS]: The skill fetches an OpenAPI schema from a public GitHub repository (holon-run/uxc). This is a standard configuration fetch used to define the API interface for the uxc tool.
  • [COMMAND_EXECUTION]: Includes a validation script (scripts/validate.sh) for environment and file consistency checks. The core workflow involves executing the uxc CLI for API interactions, which is the intended use-case.
  • [CREDENTIALS_UNSAFE]: Authentication instructions follow security best practices by directing users to use environment variables (--secret-env) for API keys rather than hardcoding credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 03:35 AM