Skills
skills/gooseworks-ai/goose-skills/linkedin-message-writer/Gen Agent Trust Hub

linkedin-message-writer

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes curl commands to interact with the Apify API for lead research and data retrieval. These operations are explicitly documented and target a well-known service (apify.com). \n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it retrieves and processes untrusted data from external sources. \n
  • Ingestion points: LinkedIn profile data and public post content are fetched via Apify's API (Phase 2, SKILL.md). \n
  • Boundary markers: No delimiters or 'ignore embedded instructions' warnings are identified in the workflow for processing external content. \n
  • Capability inventory: The agent can perform network requests via curl and write data to the local filesystem in CSV format (SKILL.md). \n
  • Sanitization: There is no mention of sanitizing or validating the retrieved LinkedIn post content before it is used to generate personalized messages.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 10:48 AM