skills/arnaudjnn/gtm-skills/signals/Gen Agent Trust Hub

signals

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides specific curl and jq commands for the agent to execute in a Bash environment. This grants the agent the capability to perform network requests and process data via the shell.
  • [EXTERNAL_DOWNLOADS]: The agent is instructed to fetch data from signals.gtm-engine.sh. This domain is not listed in the trusted vendors or well-known services lists, although it appears to be the primary infrastructure for this skill.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface.
      • Ingestion points: Untrusted external data from Trustpilot reviews and LinkedIn job listings enter the agent's context.
      • Boundary markers: There are no instructions to use delimiters or ignore instructions embedded within the retrieved strings.
      • Capability inventory: The agent retains Bash tool access while interpreting these external inputs, which could be exploited to run unintended commands.
      • Sanitization: No evidence of sanitization or filtering of the API-returned content is provided before the agent analyzes the data.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 10:52 AM