pp-coingecko

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install command-line tools and MCP servers directly from the author's GitHub repository and the npm registry. These binaries are necessary for the skill's core functions.
  • [DATA_EXFILTRATION]: The coingecko-pp-cli includes a --deliver webhook:<url> flag that allows command results to be POSTed to any external URL. This capability can be used to transmit data out of the user's environment if an agent is manipulated into using it for sensitive data.
  • [COMMAND_EXECUTION]: The skill executes shell commands to install dependencies and run the core coingecko-pp-cli tool for fetching data.
  • [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection as it handles data from an external API and allows natural language input for command resolution.
  • Ingestion points: Responses from the Coingecko public API and the which command query string.
  • Boundary markers: No delimiters or ignore instructions are present for the interpolated arguments.
  • Capability inventory: Shell command execution and file system write operations via the --deliver file:<path> feature.
  • Sanitization: No sanitization or verification of external data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 05:17 PM
Security Audit — agent-trust-hub — pp-coingecko