find-cybersecurity-firm
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill instructs the agent to read sensitive local files, specifically
.envand.env.local, to retrieve aSERVICEGRAPH_TOKEN. This represents a data exposure risk as the agent could potentially access other sensitive credentials stored in these files. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from an external API (
api.servicegraph.co). - Ingestion points: The agent retrieves firm information, tags, and search results from the ServiceGraph API endpoints in
SKILL.md. - Boundary markers: Absent. There are no instructions to the agent to treat API responses as untrusted data or to use specific delimiters.
- Capability inventory: The agent performs network requests via
curland local shell operations. No dynamic code execution (eval/exec) was detected. - Sanitization: Absent. The skill does not define any validation or sanitization steps for the content returned by the API before it is presented to the user.
- [COMMAND_EXECUTION]: The skill utilizes shell commands and pipes (including
tr,openssl, andawk) to calculate afirm_idlocally based on domain names. While these specific commands serve a utility purpose for the skill's functionality, they involve the execution of system subprocesses.
Audit Metadata