investor-call-prep

Warn

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to read and parse the sensitive local file ~/.gooseworks/credentials.json using python shell commands to extract API keys.
  • [COMMAND_EXECUTION]: The skill makes extensive use of shell execution via curl for API interactions and python3 -c for parsing local JSON files.
  • [DATA_EXFILTRATION]: Sensitive information, including private Google Calendar event details and user-provided company descriptions, is transmitted to an external proxy at api.gooseworks.ai.
  • [EXTERNAL_DOWNLOADS]: The skill setup suggests running npx gooseworks login to obtain credentials and relies on several external APIs (Apollo, Perplexity, Scrapegraph).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it scrapes external investor websites and incorporates the results into agent prompts. Ingestion points: Scraped website content from Scrapegraph and search results from Perplexity (Step 3b, 3c). Boundary markers: None identified. Capability inventory: Shell execution (curl, python3) and file system access. Sanitization: No sanitization of external research data is performed before it is processed by the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — investor-call-prep