competitor-engagers
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes untrusted data from external sources.
- Ingestion points: Retrieves and processes comments and reactions from external LinkedIn posts via the RapidAPI service (SKILL.md).
- Boundary markers: None identified; the instructions do not specify delimiters or constraints to isolate external LinkedIn content from agent instructions.
- Capability inventory: The skill uses
npm runto execute local scripts and performs file system operations in the~/output/directory (SKILL.md). - Sanitization: There is no evidence of sanitization or validation of the text content fetched from LinkedIn before it enters the agent's context.
- [COMMAND_EXECUTION]: Executes local scripts using
npm run competitor-engagers. This is consistent with the intended purpose of the skill as a project-specific CLI tool. - [SAFE]: Instructions for secret management, specifically storing API keys in a
.envfile, represent standard security best practices. The external services utilized (RapidAPI and OpenRouter) are well-known technology providers.
Audit Metadata