camino-context

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill fetches location context from an external API (api.getcamino.ai) which is then processed by the agent. The API response includes natural language fields like area_description and context_insights that could be used to influence agent behavior.
  • Ingestion points: API response from https://api.getcamino.ai/context in scripts/context.sh.
  • Boundary markers: Absent. The agent is not instructed to treat the API response as untrusted data.
  • Capability inventory: The skill executes shell commands (curl, jq) and has access to the CAMINO_API_KEY.
  • Sanitization: Absent. The response is piped directly to the agent's context.
  • [EXTERNAL_DOWNLOADS]: The skill documentation suggests installation via npx skills add from a GitHub repository (github.com/barneyjm/camino-skills) and via clawhub, which involves downloading and executing code from these remote sources.
  • [COMMAND_EXECUTION]: The skill uses a shell script (scripts/context.sh) that executes curl and jq to perform its primary function. It validates that user input is valid JSON before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 11:17 AM
Security Audit — agent-trust-hub — camino-context