CoinMarketCap MCP Skill
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed CoinMarketCap data helper whose main risks are normal API-key, quota, and query-sharing considerations.
Install this if you want CoinMarketCap data through uxc. Use a dedicated CoinMarketCap API key, confirm the binding points only to https://mcp.coinmarketcap.com/mcp, and avoid sending confidential portfolio or business strategy details in searches.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
62/62 vendors flagged this skill as clean.