sales-prospecting
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
python3for configuration processing andcurlfor API interactions. Specifically, it executespython3 -cto extract keys from the localcredentials.jsonfile. - [EXTERNAL_DOWNLOADS]: The skill instructions and metadata reference
npxcommands for installation and login (goose-skills,gooseworks), which involve fetching packages from the public npm registry. - [DATA_EXFILTRATION]: The skill transmits search parameters such as industries, employee counts, and job titles to
api.gooseworks.ai. This communication is necessary for the skill to perform its lead generation functions. - [CREDENTIALS_UNSAFE]: The skill accesses
~/.gooseworks/credentials.jsonto retrieve theGOOSEWORKS_API_KEY. While this involves reading a credential file, it is restricted to the specific configuration file for the service the skill is designed to use. - [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection by ingesting and processing data from external search and validation APIs without explicit safety boundaries.
- Ingestion points: Data returned from
fiber,hunter,sixtyfour, andbrand-devAPIs through the Gooseworks proxy. - Boundary markers: None identified; external data is processed directly within the workflow.
- Capability inventory: The agent can execute network requests (
curl) and read specific local configuration files. - Sanitization: There is no explicit logic for validating or escaping the content retrieved from external API responses before it is used by the agent.
Audit Metadata