tokenmist
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a standard API integration that behaves according to its stated purpose without any hidden or malicious functionality.
- [EXTERNAL_DOWNLOADS]: Network operations are directed solely to the official Tokenomist API domain (
api.tokenomist.ai) using the platform's standardproxied_getutility. - [CREDENTIALS_UNSAFE]: Secrets management is handled correctly via environment variables (
TOKENMIST_API_KEY). The code includes specific logic to redact placeholder API keys from error logs to prevent accidental exposure. - [COMMAND_EXECUTION]: No shell command execution, subprocess spawning, or dynamic code evaluation (
eval/exec) is present in the skill's logic. - [DATA_EXFILTRATION]: Data access is limited to fetching tokenomics data. There is no evidence of the skill accessing sensitive local files or transmitting user data to unauthorized third-party services.
Audit Metadata