Skills
skills/holon-run/uxc/dexscreener-openapi-skill/Gen Agent Trust Hub

dexscreener-openapi-skill

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches an OpenAPI configuration schema from the author's repository on GitHub to define API operations for the uxc tool.
  • [COMMAND_EXECUTION]: Uses the uxc utility to create a local command alias and execute read-only market data queries against the DexScreener API.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its handling of untrusted third-party data. 1. Ingestion points: Public token profiles, headers, and descriptions retrieved from the api.dexscreener.com endpoints. 2. Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore instructions embedded within the API results. 3. Capability inventory: Command execution via uxc and its linked aliases. 4. Sanitization: None; the skill does not implement filtering or validation for the content of the retrieved data before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 03:14 AM