company-intel
Warn
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses a sensitive credential file to retrieve an API key and base URL.
- Evidence: Reads
~/.gooseworks/credentials.jsonto extractapi_keyandapi_base. - [COMMAND_EXECUTION]: The skill executes shell commands and inline Python scripts to process authentication data and perform network requests.
- Evidence: Uses
python3 -cfor parsing JSON andcurlfor communicating with the Gooseworks API. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by ingesting data from external websites.
- Ingestion points: Content retrieved from external websites via the
scrapegraphAPI (e.g.,https://stripe.com/pricing). - Boundary markers: None; the skill does not use delimiters or instructions to prevent the agent from obeying commands embedded in scraped content.
- Capability inventory: The agent can execute shell commands (
curl) and perform local Python operations. - Sanitization: No sanitization or validation of external content is performed before the data enters the agent's context.
Audit Metadata