hyperlocal-weather-precip
Fail
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructions direct the agent to read API credentials from a local file located at
~/.gooseworks/credentials.jsonusing a Python script. - [COMMAND_EXECUTION]: Shell execution is used for both setup and data retrieval, including
python3 -cfor JSON parsing and multiplecurlcommands for API interaction. - [DATA_EXFILTRATION]: Extracted credentials and user-supplied data (such as coordinates) are sent to an external domain (
api.gooseworks.ai) via HTTP POST. - [EXTERNAL_DOWNLOADS]: The documentation references the command
npx gooseworks login, which downloads and executes a package from a public registry. - [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface where untrusted parameters are interpolated into shell command payloads without documented sanitization.
- Ingestion points:
longitude,latitude,start, andendparameters inSKILL.md. - Boundary markers: Not mentioned in the provided text.
- Capability inventory: Shell command execution via
curlinSKILL.md. - Sanitization: No sanitization or escaping logic is described.
Recommendations
- AI detected serious security threats
Audit Metadata