TronScan Data Lookup
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs read-only data retrieval from the official TronScan API service.
- Evidence: All requests target the base URL https://apilist.tronscanapi.com as defined in api_config.json.
- Evidence: The scripts utilize HTTP GET methods to fetch public blockchain data.
- [SAFE]: API credentials are managed securely through environment variables rather than being hardcoded.
- Evidence: The utils.js module checks for TRONSCAN_API_KEY in the process environment.
- Evidence: The key is passed to the API via the secure TRON-PRO-API-KEY request header.
- [SAFE]: The skill handles untrusted external data from the blockchain as a data consumer without possessing exploitable capabilities.
- Ingestion points: Data is ingested from the public TronScan API endpoints.
- Boundary markers: Data is output as structured JSON for agent interpretation.
- Capability inventory: The skill uses axios for network requests but does not include file-writing, subprocess execution, or dynamic code evaluation functions.
- Sanitization: API responses are logged as JSON strings, minimizing the risk of direct execution.
Audit Metadata