Skills
skills/barneyjm/camino-skills/route/Gen Agent Trust Hub

route

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a shell script scripts/route.sh to facilitate API requests. This script uses curl for network communication and jq for parsing JSON data. Input provided to the script is validated and processed using jq, which prevents standard shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with api.getcamino.ai to retrieve routing information and to provide users with trial API keys. These are legitimate endpoints associated with the service described in the skill metadata.
  • [DATA_EXFILTRATION]: Location coordinates provided by the user are sent to the Camino AI API. This is the intended and primary function of the skill, and data is transmitted to the official vendor domain.
  • [CREDENTIALS_UNSAFE]: The skill requires an API key (CAMINO_API_KEY) but correctly instructs the user to manage this via the environment configuration rather than hardcoding credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 11:13 PM