aeo-audit
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the 'goose-aeo' package via npx. This is a utility provided by the skill author (Athina AI) to perform website analysis and scoring.
- [COMMAND_EXECUTION]: The skill executes shell commands to verify local configuration files ('cat .goose-aeo.yml') and run the audit utility ('npx goose-aeo status', 'npx goose-aeo audit'). These operations are standard for a command-line audit tool.
- [SAFE]: The skill instructions include guidance for handling an OpenAI API key via the 'GOOSE_AEO_OPENAI_API_KEY' environment variable. This follows secure practices by advising users to set environment variables rather than hardcoding credentials.
- [SAFE]: The skill processes external website content as part of its primary function. While scraping external sites introduces a surface for indirect prompt injection, the risk is mitigated as the skill's logic is constrained to scoring and providing structural recommendations.
Audit Metadata