pp-coingecko

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download the coingecko-pp-cli tool and MCP server from the vendor's official resources on npm (@mvanhorn/printing-press) and GitHub (mvanhorn/printing-press-library).
  • [COMMAND_EXECUTION]: The skill's primary functionality is delivered through the execution of the coingecko-pp-cli binary with various flags and subcommands.
  • [DATA_EXFILTRATION]: The CLI tool supports a --deliver flag which allows the output of any command to be sent to an arbitrary external URL via the webhook:<url> scheme. This provides a built-in mechanism for network transmission of fetched data.
  • [PROMPT_INJECTION]: An indirect prompt injection surface is present as the skill processes data from the external CoinGecko API and possesses the capability to write to the local file system and perform network operations.
      • Ingestion points: Data is retrieved from the external CoinGecko public API (referenced in SKILL.md).
      • Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided for the handling of API responses.
      • Capability inventory: The skill can write output to local files via --deliver file:<path> and send data to external network locations via --deliver webhook:<url> and the feedback command (SKILL.md).
      • Sanitization: No documentation exists within the skill concerning the sanitization or validation of the data ingested from the API before it is processed or delivered.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 05:34 PM