hyperlocal-weather-precip

Fail

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructions direct the agent to read API credentials from a local file located at ~/.gooseworks/credentials.json using a Python script.
  • [COMMAND_EXECUTION]: Shell execution is used for both setup and data retrieval, including python3 -c for JSON parsing and multiple curl commands for API interaction.
  • [DATA_EXFILTRATION]: Extracted credentials and user-supplied data (such as coordinates) are sent to an external domain (api.gooseworks.ai) via HTTP POST.
  • [EXTERNAL_DOWNLOADS]: The documentation references the command npx gooseworks login, which downloads and executes a package from a public registry.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface where untrusted parameters are interpolated into shell command payloads without documented sanitization.
  • Ingestion points: longitude, latitude, start, and end parameters in SKILL.md.
  • Boundary markers: Not mentioned in the provided text.
  • Capability inventory: Shell command execution via curl in SKILL.md.
  • Sanitization: No sanitization or escaping logic is described.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jul 2, 2026, 06:18 AM
Security Audit — agent-trust-hub — hyperlocal-weather-precip