Skills
skills/gooseworks-ai/goose-skills/api-tester/Gen Agent Trust Hub

api-tester

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses python3 -c commands to parse the local JSON configuration file and curl to interact with API endpoints. These commands are used for legitimate configuration management and testing purposes.
  • [CREDENTIALS_UNSAFE]: Instructions describe reading an API key from ~/.gooseworks/credentials.json. This file is part of the vendor's own configuration environment, and its use is intended for authenticating with the vendor's official API endpoint (api.gooseworks.ai).
  • [DATA_EXFILTRATION]: The skill performs network operations to the vendor's domain and various third-party documentation and API sites (e.g., Stripe, OpenAI). These network requests are necessary for the skill's primary function of testing and documenting API endpoints and do not involve unauthorized data transmission.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 01:05 PM