podchaser
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands via curl to query the Podchaser GraphQL API at api.podchaser.com.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted podcast metadata from an external API.
  1. Ingestion points: Podcast descriptions, episode details, and creator bios from api.podchaser.com (SKILL.md).
  2. Boundary markers: No delimiters or ignore instructions are provided to separate external data from system prompts.
  3. Capability inventory: The skill has the ability to execute shell commands via curl and write to the /tmp directory (SKILL.md).
  4. Sanitization: No sanitization or validation of the retrieved API data is performed before it is processed.
Audit Metadata