lighthouse-audit

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash(curl:*) tool to execute network requests against the Foghorn API. This is the primary mechanism for all functionality, including authentication, site setup, and issue retrieval.
  • [EXTERNAL_DOWNLOADS]: The skill makes external calls to https://foghorn-api.artgaard.workers.dev. These requests are directed to the vendor's own infrastructure and are used to fetch configuration and audit results.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it retrieves and processes untrusted data from an external API.
  • Ingestion points: Data returned from GET /pages and GET /issues endpoints in SKILL.md, including page URLs, paths, and audit issue titles.
  • Boundary markers: The documentation does not specify the use of delimiters or instructions to ignore embedded commands in the API response data.
  • Capability inventory: The skill possesses the Bash(curl:*) capability across its operational scope, which allows it to make further network requests.
  • Sanitization: There is no evidence of sanitization, validation, or filtering of the text content received from the API before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 04:28 AM