market-data
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill interacts solely with the vendor's own API (tws.trustwallet.com) to retrieve market data.
- [PROMPT_INJECTION]: The skill ingests untrusted external data (cryptocurrency metadata like names and symbols) from market indices, which represents a surface for indirect prompt injection.
- Ingestion points: External data is received via the /v2/market/tickers and /v1/assets/listings endpoints described in SKILL.md.
- Boundary markers: None identified in the skill definition.
- Capability inventory: The skill does not possess capabilities to execute commands, write files, or perform network operations outside of the defined API calls.
- Sanitization: No explicit sanitization or validation of the ingested market data is mentioned.
Audit Metadata