coinank-openapi

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed CoinAnk market-data helper that sends a CoinAnk API key only to CoinAnk for read-only GET requests.

Install only if you are comfortable letting the agent use COINANK_API_KEY to make authenticated read-only market-data requests to CoinAnk. Use a dedicated CoinAnk API key, do not paste it into chat, and ensure generated curl commands or logs redact the key and safely encode user-supplied query parameters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (14)

Intent-Code Divergence

Medium
Confidence: 98%
Finding
This operation explicitly requires an `apikey` header, yet the OpenAPI `security` field is an empty array, which semantically declares that no auth is required. Client generators, gateways, and policy engines may therefore treat the endpoint as public and omit authentication handling, causing accidental unauthenticated requests, broken access control assumptions, or credential mishandling in downstream tooling. In this skill context, the risk is increased because agents may auto-consume the spec and incorrectly invoke protected external APIs.

Intent-Code Divergence

Medium
Confidence: 98%
Finding
The endpoint requires an `apikey` header but declares `security: []`, which tells OpenAPI consumers that authentication is not needed. That mismatch can lead automated agents, SDK generation, and API governance tools to mis-handle auth, exposing secrets through ad hoc header injection or causing unauthorized requests to be sent under false assumptions. Because this is an agent skill meant to call an external API, inaccurate auth metadata is operationally and security-relevant.

Intent-Code Divergence

Medium
Confidence: 98%
Finding
This endpoint documents a required `apikey` header while simultaneously declaring no security requirements through `security: []`. Such inconsistency is dangerous because consumers may interpret the endpoint as public, bypass centralized auth handling, and implement custom credential plumbing that is easier to leak, log, or misconfigure. In an API-integration skill, this can directly affect how secrets are requested and transmitted by the agent framework.

Intent-Code Divergence

Medium
Confidence: 98%
Finding
The operation marks the `apikey` header as required but the OpenAPI security declaration says no authentication applies. This discrepancy can break least-privilege and security automation by making downstream systems believe the route is unauthenticated, which is especially risky for agentic tooling that relies on the spec to decide when to attach secrets. The danger here is metadata-driven misuse rather than direct code execution, but it is still a real security design flaw.

Intent-Code Divergence

Medium
Confidence: 99%
Finding
At the top level, the specification declares `security: []`, implying the entire API is unauthenticated, while every listed endpoint requires an `apikey` header. This creates a systemic auth-model mismatch across the whole spec, increasing the chance that clients, documentation portals, and policy tooling will treat the API as public and mishandle credentials. In the context of a reusable skill, the broad inconsistency makes all integrations more error-prone and therefore more dangerous.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill explicitly instructs the agent to read an API key from the environment and send authenticated outbound requests to an external domain, but it does not require clear user-facing disclosure or consent at the time of transmission. While this is consistent with the skill's stated purpose, it still creates a real risk of silent credential use and unintended data disclosure to a third-party service.

Missing User Warnings

Medium
Confidence: 93%
Finding
The spec requires an `apikey` header for an external service but does not warn users or integrators that a credential will be transmitted off-platform. In an agent skill context, this can lead to unintentional disclosure or misuse of secrets, especially if users do not clearly understand that invoking the skill sends their API key to a third-party endpoint.

Missing User Warnings

Medium
Confidence: 90%
Finding
The OpenAPI spec requires an `apikey` header to be sent to `https://open-api.coinank.com`, but it does not clearly warn users that a secret credential will be transmitted to a third-party external service. In an agent-skill context, that omission can cause users or downstream integrators to provide sensitive API keys without informed consent, increasing the risk of credential exposure, misuse, or accidental reuse of a more privileged key.

Missing User Warnings

Medium
Confidence: 93%
Finding
This endpoint requires an API key in a header and targets a third-party service, but the spec does not clearly warn users that their credential will be transmitted off-platform to CoinAnk. That creates a real credential-handling risk because users may supply sensitive keys without informed consent or understanding of the trust boundary.

Missing User Warnings

Medium
Confidence: 94%
Finding
This operation also requires an `apikey` header but omits a clear disclosure that the skill will forward that secret to an external API provider. In agent/skill contexts, missing disclosure is security-relevant because it can cause unintentional credential sharing with a remote service outside the user's direct awareness.

Missing User Warnings

Medium
Confidence: 94%
Finding
The heatmap endpoint similarly requires a credential-bearing header without explicitly warning users that the secret is sent to a third-party endpoint. Although this is an API specification rather than executable code, it still exposes a genuine risk of secret disclosure through poor transparency and unsafe credential UX.

Missing User Warnings

Medium
Confidence: 96%
Finding
The spec requires an `apikey` header for requests to `https://open-api.coinank.com` but does not clearly disclose to users that their credential will be transmitted to an external third-party service. In an agent-skill context, this can lead to inadvertent secret disclosure or users authorizing outbound credential use without informed consent.

Missing User Warnings

Medium
Confidence: 95%
Finding
Additional endpoints also require the same `apikey` header without prominent disclosure that authentication material is sent off-platform. Repetition across endpoints increases the chance that an agent or user treats the credential as routine input rather than a secret being shared with a third party.

Missing User Warnings

Medium
Confidence: 95%
Finding
The pattern recurs across multiple documented endpoints, showing a systemic lack of notice around external credential transmission rather than a one-off omission. In an agent environment, systemic omissions increase the probability of broad secret exposure across many operations.

VirusTotal

65/65 vendors flagged this skill as clean.