competitor-content-tracker

Warn

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides explicit instructions for establishing persistence on the host system using a cron job (0 8 * * 1 python3 run_skill.py ...) to automate weekly execution.
  • [COMMAND_EXECUTION]: Shell commands are constructed by interpolating variables directly into command strings (e.g., python3 ... --urls "<competitor_blog_url>"). This pattern creates a risk of command injection if the input values, such as URLs or search keywords, contain shell metacharacters.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from external websites.
    • Ingestion points: Scraped content from competitor blogs, LinkedIn posts, and Twitter/X feeds obtained via the blog-scraper, linkedin-profile-post-scraper, and twitter-scraper skills.
    • Boundary markers: The prompt logic does not define clear boundaries or delimiters for the external content, nor does it include instructions for the agent to ignore directives found within the scraped data.
    • Capability inventory: The skill utilizes subprocess execution via python3 and performs file system writes to clients/<client-name>/intelligence/.
    • Sanitization: There is no evidence of sanitization or filtering of the ingested external content before it is analyzed and synthesized into reports.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 31, 2026, 09:59 PM