investor-research
Fail
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructions direct the agent to read sensitive authentication data and API keys from the local file
~/.gooseworks/credentials.json. - [COMMAND_EXECUTION]: Uses
python3command-line execution to parse JSON configuration files andcurlfor all network communications. - [DATA_EXFILTRATION]: Credentials extracted from the local filesystem are transmitted to the external domain
api.gooseworks.aiwithin Authorization headers across multiple workflow steps. - [EXTERNAL_DOWNLOADS]: The skill utilizes
npxto download and execute thegooseworksandgoose-skillspackages from the remote npm registry. - [PROMPT_INJECTION]: The skill ingests data from several external APIs including Fiber, Exa, and Sixtyfour, creating a surface for indirect prompt injection. Mandatory Evidence: Ingestion points found in
SKILL.md(Steps 1-4), lack of boundary markers or 'ignore' instructions for the agent when processing these results, high capabilities including network access and shell command execution, and no sanitization of the external data before it enters the agent context.
Recommendations
- AI detected serious security threats
Audit Metadata