extruct-api
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (scripts/extruct-api) to facilitate interaction with the Extruct AI service. This script uses standard libraries and performs operations like data retrieval and task management.
- [DATA_EXFILTRATION]: The skill transmits search queries and data inputs to the vendor's official API at api.extruct.ai. This is the intended behavior for an API-integrated skill.
- [PROMPT_INJECTION]: The skill provides instructions to the agent that could be interpreted as a surface for indirect injection when processing untrusted data from the web via the API.
  - Ingestion points: Data retrieved from company searches and enrichment tasks is processed by the agent in file SKILL.md and the playbooks in the references/ directory.
  - Boundary markers: The instructions recommend using triple-dash (---) delimiters when passing data like pricing notes or descriptions into prompts, providing a degree of isolation between instructions and data.
  - Capability inventory: The skill possesses capabilities for command execution (via the bundled CLI), network access to vendor endpoints, and file reading for payload management.
  - Sanitization: No explicit automated sanitization of API-returned content is mentioned beyond the recommended use of structural delimiters.