market-research

Fail

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill is instructed to read sensitive credentials from a local file at ~/.gooseworks/credentials.json. It specifically extracts an API key using shell commands.
  • [DATA_EXFILTRATION]: Extracted credentials and user-provided research queries are transmitted to external endpoints including api.gooseworks.ai and proxied services like Apollo and Fiber.
  • [COMMAND_EXECUTION]: The skill uses python3 -c to execute inline Python scripts for parsing credential files and curl to perform network operations. It also invokes npx for login and installation procedures.
  • [EXTERNAL_DOWNLOADS]: The skill relies on external packages (gooseworks, goose-skills) downloaded and executed from the npm registry at runtime.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it ingests untrusted data from external market research APIs.
  • Ingestion points: API responses from company search, people search, and natural language search endpoints in SKILL.md.
  • Boundary markers: None are present to distinguish between instructions and research data.
  • Capability inventory: The agent can execute shell commands (curl, python3) and read files in the home directory.
  • Sanitization: No sanitization or validation of the ingested API data is performed before processing.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — market-research