person-lookup

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill reads an API key from a local configuration file at ~/.gooseworks/credentials.json and transmits it in the Authorization header to api.gooseworks.ai and api.orth.sh. This is standard authentication behavior for the skill's primary functionality.
  • [COMMAND_EXECUTION]: The skill executes shell commands via curl for API communication and python3 for parsing local JSON credentials. These operations are limited to the skill's intended setup and data retrieval tasks.
  • [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection by interpolating user-provided search queries into API request bodies.
  • Ingestion points: User-supplied query parameters (e.g., name, company) in SKILL.md.
  • Boundary markers: None present.
  • Capability inventory: File read access and shell execution via curl.
  • Sanitization: No explicit sanitization or validation of the user query is performed before interpolation into the network request.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — person-lookup