investor-call-prep
Warn
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to read and parse the sensitive local file
~/.gooseworks/credentials.jsonusing python shell commands to extract API keys. - [COMMAND_EXECUTION]: The skill makes extensive use of shell execution via
curlfor API interactions andpython3 -cfor parsing local JSON files. - [DATA_EXFILTRATION]: Sensitive information, including private Google Calendar event details and user-provided company descriptions, is transmitted to an external proxy at
api.gooseworks.ai. - [EXTERNAL_DOWNLOADS]: The skill setup suggests running
npx gooseworks loginto obtain credentials and relies on several external APIs (Apollo, Perplexity, Scrapegraph). - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it scrapes external investor websites and incorporates the results into agent prompts. Ingestion points: Scraped website content from Scrapegraph and search results from Perplexity (Step 3b, 3c). Boundary markers: None identified. Capability inventory: Shell execution (
curl,python3) and file system access. Sanitization: No sanitization of external research data is performed before it is processed by the agent.
Audit Metadata