fuel-pricing
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches fuel pricing data from official Australian government sources (WA FuelWatch, NSW FuelCheck) and community aggregators (PetrolSpy, FuelSnoop). It also uses Nominatim and ip-api.com for geolocation tasks. All network activity is consistent with the skill's stated purpose.
- [COMMAND_EXECUTION]: Execution of the local Python script is handled via 'uv'. The script includes a browser-based geolocation flow that starts a temporary local HTTP server to receive coordinates, a standard pattern for CLI tools requiring high-accuracy location data.
- [CREDENTIALS_UNSAFE]: The skill manages optional API keys for government data. It follows security best practices by storing these in a local configuration file with restricted access permissions (chmod 0600), preventing unauthorized access by other users on the system.
Audit Metadata