supadata
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill interacts with a legitimate service API at
api.supadata.ai. All network operations are directed to this domain for the skill's primary functionality. - [SAFE]: Authentication is handled securely using an environment variable (
SUPADATA_TOKEN) defined in thevm0_secretsmetadata, avoiding hardcoded credentials. - [SAFE]: Command execution is limited to standard utilities like
curlandjq. The use ofbash -cis documented as a workaround for environment variable handling in specific environments and does not involve executing untrusted remote scripts. - [SAFE]: Local file operations are restricted to creating temporary data files in
/tmp/(/tmp/supadata_url.txt,/tmp/supadata_request.json), which is a standard practice for handling command arguments. - [SAFE]: No obfuscation, persistence mechanisms, or privilege escalation patterns were detected.
Audit Metadata