job-search

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to manage its environment and perform data retrieval.
  • It utilizes python3 -c to parse and load API credentials from the local file system at ~/.gooseworks/credentials.json into environment variables.
  • It executes curl commands to interact with the Gooseworks API proxy (api.gooseworks.ai) to search for jobs, companies, and people.
  • [DATA_EXPOSURE]: The skill accesses a configuration file at ~/.gooseworks/credentials.json to retrieve the api_key and api_base. This is a sensitive file path, but the access is consistent with the standard credential management for the Goose ecosystem tools referenced in the skill.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to use npx to run gooseworks login and goose-skills install, which downloads and executes packages from the npm registry to manage the skill environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — job-search