health

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The install.sh script performs remote downloads by cloning the author's GitHub repository and fetching setup scripts from raw.githubusercontent.com/broomva. These resources originate from the vendor's own organization and are part of the standard installation workflow.
  • [REMOTE_CODE_EXECUTION]: The skill documentation and installation scripts support a one-line installation method via curl | bash targeting the author's repository. This pattern is used to bootstrap the Python environment and CLI binary from the author's controlled infrastructure.
  • [COMMAND_EXECUTION]: The adapter implementation in src/broomva_health/adapters/sources/garmin_cli.py uses subprocess.run to delegate synchronization requests to the garmin-connect command-line utility. The arguments passed to this subprocess are constrained to fixed command literals designed to return structured data.
  • [PROMPT_INJECTION]: The skill ingests data from external Garmin APIs and user-generated Markdown files, which represents an indirect prompt injection surface. The tool mitigates this risk by using Pydantic models for strict schema validation of all ingested health metrics and by employing specific character-escaping logic when writing frontmatter to Obsidian notes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 26, 2026, 09:11 PM
Security Audit — agent-trust-hub — health