gumroad
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill allows access to sensitive business data including sales records, customer email addresses, and revenue payouts. It also facilitates the creation of webhooks via the
gumroad webhooks createcommand, which could be configured to transmit transaction data to external endpoints.\n- [COMMAND_EXECUTION]: The skill executesgumroadCLI commands to perform store management. Instructions specify using the--yesand--no-inputflags for operations such as deleting products (gumroad products delete) or issuing refunds (gumroad sales refund), which bypasses interactive confirmation prompts.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data from external sources that could be influenced by third parties.\n - Ingestion points: Customer data (emails, names) retrieved via
gumroad sales listand administrative notes viagumroad admin users comments list.\n - Boundary markers: No explicit boundary markers or instructions to ignore embedded instructions are defined for the agent when processing CLI output.\n
- Capability inventory: The agent has the ability to perform high-impact actions like deleting products, refunding sales, and creating webhooks.\n
- Sanitization: No specific instructions for sanitizing or validating the content of the data returned by the CLI are provided.
Audit Metadata