camino-context
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill fetches location context from an external API (api.getcamino.ai) which is then processed by the agent. The API response includes natural language fields like area_description and context_insights that could be used to influence agent behavior.
- Ingestion points: API response from https://api.getcamino.ai/context in scripts/context.sh.
- Boundary markers: Absent. The agent is not instructed to treat the API response as untrusted data.
- Capability inventory: The skill executes shell commands (curl, jq) and has access to the CAMINO_API_KEY.
- Sanitization: Absent. The response is piped directly to the agent's context.
- [EXTERNAL_DOWNLOADS]: The skill documentation suggests installation via npx skills add from a GitHub repository (github.com/barneyjm/camino-skills) and via clawhub, which involves downloading and executing code from these remote sources.
- [COMMAND_EXECUTION]: The skill uses a shell script (scripts/context.sh) that executes curl and jq to perform its primary function. It validates that user input is valid JSON before processing.
Audit Metadata