email-campaign
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using
curlfor API interactions andpython3for parsing local configuration files. - [CREDENTIALS_UNSAFE]: The skill accesses
~/.gooseworks/credentials.jsonto retrieve API keys used for authenticating with the Gooseworks platform. This is a standard credential storage location for the service. - [EXTERNAL_DOWNLOADS]: The documentation references
npx gooseworks loginandnpx goose-skills install, which involve downloading and running utilities from the public npm registry.
Audit Metadata