Skills
skills/gooseworks-ai/goose-skills/luma-event-attendees/Gen Agent Trust Hub

luma-event-attendees

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted attendee bios and event descriptions from Luma, creating a surface for indirect prompt injection. Malicious instructions embedded in these fields could influence the agent's behavior during data analysis or outreach generation.
  • Ingestion points: scripts/apify_client.py fetches raw text from Luma web pages and the Apify API.
  • Boundary markers: Absent. Scraped content is provided to the agent without delimiters or warnings.
  • Capability inventory: The skill uses the requests library for network operations and writes data to the local file system (CSV/JSON exports).
  • Sanitization: Absent. No filtering of instruction-like patterns in scraped text is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 10:47 AM