football-data
Fail
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation instructs the user to install the sports-skills package from PyPI or GitHub. The repository https://github.com/machina-sports/sports-skills.git is not associated with a trusted organization or well-known service.
- [REMOTE_CODE_EXECUTION]: Installing a package directly from a git repository using pip install git+ allows arbitrary code from that repository to run at install time, via setup.py or other build and installation hooks, with the privileges of the installing user.
- [COMMAND_EXECUTION]: The skill relies on the sports-skills CLI for its primary functionality and executes a local shell script, scripts/validate_params.sh, for parameter validation. Both operations are system-level command executions.
- [PROMPT_INJECTION]: The skill ingests user-provided strings such as team names and event IDs (for example the query of a search_team call) and incorporates them into command-line executions. Only season_id is validated in scripts/validate_params.sh; the remaining parameters are not sanitized, so text that reaches them, whether typed by the user or planted in content the agent retrieves (indirect prompt injection), can become a command-injection vector. The ingestion points are the query and event_id parameters in SKILL.md, and the capability inventory includes CLI calls to the sports-skills tool.
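The following Python is an added illustration, not code from the skill or from the sports-skills project, of the construction the COMMAND_EXECUTION and PROMPT_INJECTION findings describe next to a hardened form. The CLI name, the search_team subcommand and the --query/--season-id flags are assumed from the audit text; the allowlist patterns are assumptions chosen for the example, and echo stands in for the real CLI so the behaviour can be observed without installing anything.

```python
import re
import subprocess
from typing import List, Optional

# Assumed CLI name and interface, modelled on the audit text; the real tool may differ.
CLI = "sports-skills"

# Allowlists in the spirit of scripts/validate_params.sh, which per the audit checks
# only season_id. These patterns are illustrative assumptions and deliberately strict:
# nothing that a shell or an option parser treats specially is permitted.
PATTERNS = {
    "query": re.compile(r"[A-Za-z0-9 .'\-]{1,64}"),
    "event_id": re.compile(r"[A-Za-z0-9_\-]{1,32}"),
    "season_id": re.compile(r"\d{4}"),
}


def is_valid(name: str, value: str) -> bool:
    """True when the value matches the allowlist for its parameter (fullmatch, no partials)."""
    pattern = PATTERNS[name]
    return pattern.fullmatch(value) is not None and not value.startswith("-")


def validate(name: str, value: str) -> str:
    """Reject any value that fails the allowlist; callers never see an unvalidated value."""
    if not is_valid(name, value):
        raise ValueError(f"invalid {name}: {value!r}")
    return value


def vulnerable_command(query: str) -> str:
    """Shell-string construction as an unsanitized skill might do it: the raw query is
    pasted into one command line that will be handed to /bin/sh."""
    return f"{CLI} search_team --query {query}"


def hardened_argv(query: str, season_id: Optional[str] = None) -> List[str]:
    """argv list: each value is exactly one argument regardless of its content, and it is
    validated before it gets anywhere near a process. No shell is involved."""
    argv = [CLI, "search_team", "--query", validate("query", query)]
    if season_id is not None:
        argv += ["--season-id", validate("season_id", season_id)]
    return argv


def demo_shell_injection(query: str) -> List[str]:
    """Run both constructions with 'echo' standing in for the CLI.
    Returns [output_of_shell_string, output_of_argv_list]."""
    shell_out = subprocess.run(
        f"echo {query}", shell=True, capture_output=True, text=True
    ).stdout
    argv_out = subprocess.run(
        ["echo", query], capture_output=True, text=True
    ).stdout
    return [shell_out, argv_out]


if __name__ == "__main__":
    # Constructed attacker-controlled team name, e.g. planted in a page the agent reads.
    payload = "Arsenal; echo INJECTED"
    shell_out, argv_out = demo_shell_injection(payload)
    print("shell string ran a second command:", repr(shell_out))
    print("argv list kept it as one argument:", repr(argv_out))
    print("allowlist verdict:", is_valid("query", payload))
    print("hardened argv:", hardened_argv("Arsenal FC", "2024"))
```

The same two properties are what a reviewer should look for in the skill: no shell=True (or string concatenation into a shell script) on a path that carries query or event_id, and an allowlist check on every parameter rather than on season_id alone. For the EXTERNAL_DOWNLOADS and REMOTE_CODE_EXECUTION findings the practitioner-side check is to pin the git install to a reviewed commit (pip install git+https://...@<commit-sha>) and read setup.py and any pyproject build hooks before installing, since pip runs them.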
Recommendations
- AI detected serious security threats
Audit Metadata