person-lookup
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill reads an API key from a local configuration file at
~/.gooseworks/credentials.jsonand transmits it in the Authorization header toapi.gooseworks.aiandapi.orth.sh. This is standard authentication behavior for the skill's primary functionality. - [COMMAND_EXECUTION]: The skill executes shell commands via
curlfor API communication andpython3for parsing local JSON credentials. These operations are limited to the skill's intended setup and data retrieval tasks. - [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection by interpolating user-provided search queries into API request bodies.
- Ingestion points: User-supplied query parameters (e.g., name, company) in
SKILL.md. - Boundary markers: None present.
- Capability inventory: File read access and shell execution via
curl. - Sanitization: No explicit sanitization or validation of the user query is performed before interpolation into the network request.
Audit Metadata