goplaces

Warn

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the goplaces CLI tool via a third-party Homebrew tap (steipete/tap/goplaces). This involves downloading and executing binaries from a source that is not listed as a trusted vendor.
  • [COMMAND_EXECUTION]: The skill's primary functionality relies on executing the goplaces binary with various arguments, which allows the agent to run shell commands.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes data from an external source (Google Places API).
  • Ingestion points: User reviews and place details are retrieved and placed into the agent's context (SKILL.md).
  • Boundary markers: The skill does not define specific delimiters or instructions to ignore potential commands within the retrieved data.
  • Capability inventory: The agent can execute shell commands via the goplaces CLI.
  • Sanitization: No sanitization or validation of the API response data is described.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — goplaces