transfer-bonuses
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection where data from external sources could influence agent logic.
  - Ingestion points: External data is scraped from Frequent Miler and AwardWallet into 'data/transfer-bonuses.json' via a Python script.
  - Boundary markers: The instructions do not specify any delimiters or safety markers to isolate the external data from the agent's instructions.
  - Capability inventory: The agent has the capability to execute local scripts and shell commands ('python3 scripts/refresh-transfer-bonuses.py', 'scripts/check-data-freshness.sh').
  - Sanitization: There is no mention of sanitization, filtering, or validation of the scraped HTML/text before it is integrated into the JSON data file.
- [EXTERNAL_DOWNLOADS]: The skill performs automated network operations to fetch data from external travel websites (Frequent Miler, AwardWallet). While these are well-known industry sources, the scraping occurs at runtime via scripts, which introduces a dependency on external content.