search-for-service
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses npx to fetch and execute the agnic package from the NPM registry at runtime.\n- [COMMAND_EXECUTION]: Executes shell commands via the Bash tool to interact with the vendor's marketplace tools and inspect service details.\n- [DATA_EXFILTRATION]: The details command performs automated network probing across multiple HTTP methods (GET, POST, etc.) against arbitrary URLs to identify payment requirements, which could be misused for scanning internal or external endpoints.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection if data retrieved from the marketplace bazaar search or list commands contains malicious instructions.\n
- Ingestion points: Untrusted metadata from marketplace services enters the context via agnic x402 bazaar commands.\n
- Boundary markers: None identified in the skill instructions to separate external data from agent instructions.\n
- Capability inventory: Includes shell command execution and access to the local configuration directory for caching.\n
- Sanitization: No validation or sanitization of marketplace content is specified.
Audit Metadata