oss-bounty-finder
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides shell and PowerShell scripts to orchestrate the 'tinyfish' CLI tool. These scripts are used for their stated purpose of running parallel web-scraping agents to aggregate bounty information.
- [SAFE]: Includes comprehensive guidance for users to manage their 'TINYFISH_API_KEY' securely using environment variables or configuration files. This follows standard industry practices for secret management and does not involve hardcoded credentials.
- [PROMPT_INJECTION]: The skill processes content from external websites (GitHub issues, bounty descriptions), which inherently creates an attack surface for indirect prompt injection. However, this risk is mitigated by the skill's request for structured JSON output and the specific instructions provided to the agent.
- Ingestion points: External data collected via 'tinyfish agent run' from URLs like GitHub, Algora, and IssueHunt.
- Boundary markers: The prompts explicitly define structured JSON schemas for the agent's response.
- Capability inventory: Shell command execution and network operations (encapsulated within the vendor's tool).
- Sanitization: Relies on structured output constraints within the LLM prompts to prevent the execution of malicious instructions found in scraped data.
Audit Metadata