gtm-enrichment-deep
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a Python command to safely extract API credentials from the local configuration file at ~/.gooseworks/credentials.json during setup.
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to api.gooseworks.ai, which is the vendor's official API infrastructure, to retrieve enrichment data.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests and merges data from external sources (Sixtyfour and Apollo). Ingestion points: API responses from Sixtyfour and Apollo. Boundary markers: Absent. Capability inventory: Network access via curl and local file reading. Sanitization: Not explicitly specified in the instructions.
Audit Metadata