product-discovery
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill executes local bash scripts to interface with the Channel3 API. Analysis of `search.sh`, `similar.sh`, `categories.sh`, and `brands.sh` confirms that user-supplied input is handled safely. The scripts use `jq` for URI encoding and JSON body construction, which effectively prevents shell command injection and JSON structure manipulation.
- [SAFE]: Network activity is restricted to `api.trychannel3.com`, the official endpoint for the service provider. This communication is essential for the skill's primary purpose and is transparently documented for the user.
- [SAFE]: The skill processes external product data, creating an indirect prompt injection surface. This risk is managed through a documented evidence chain:
  - Ingestion points: Data enters the context from API responses via `search.sh`, `similar.sh`, `categories.sh`, and `brands.sh`.
  - Boundary markers: The skill instructions explicitly direct the agent to 'synthesize all output' and 'never paste it raw,' which serves as an instruction-level delimiter.
  - Capability inventory: The skill is granted shell and network permissions, which are strictly used for the intended API communication.
  - Sanitization: The bash scripts use `jq` to parse and reformat the API's JSON output into a concise summary, providing a layer of data transformation before the content reaches the agent.
Audit Metadata