fuel-pricing

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from third-party community sources (PetrolSpy, FuelSnoop), creating an attack surface for indirect prompt injection.
  • Ingestion points: The scripts/fuel_prices.py script fetches and displays data from multiple external APIs.
  • Boundary markers: The skill instructs the agent to only parse the structured JSON output from the script.
  • Capability inventory: The skill can execute local scripts via uv run and has instructions for the agent to write to a local configuration file.
  • Sanitization: The script includes logic to filter out unrealistic price data and uses a structured data format for agent consumption.
- [EXTERNAL_DOWNLOADS]: The skill fetches real-time fuel data and geolocation information from multiple external domains, including official government sources and community aggregators.
  • Target domains: api.onegov.nsw.gov.au (NSW Government), www.fuelwatch.wa.gov.au (WA Government), nominatim.openstreetmap.org, ip-api.com, jqdyvthpvgnvlojefpav.supabase.co, and petrolspy.com.au.
- [COMMAND_EXECUTION]: The skill executes a Python script via uv run and provides shell snippets for checking the environment and saving user credentials.
  • Scripts: scripts/fuel_prices.py is used to perform the core search logic and local geocoding.
  • Filesystem: The agent is instructed to write API credentials to ~/.config/fuel-pricing/credentials.json using restricted permissions (chmod 600).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 04:40 PM