client-onboarding
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill performs extensive web research and social media scraping (LinkedIn) to gather intelligence. This ingestion of untrusted external content represents a surface for indirect prompt injection (Category 8), as the agent synthesizes this data into strategy recommendations. However, there are no instructions to bypass safety filters or ignore system constraints.
- [DATA_EXFILTRATION]: The skill is designed to scrape and synthesize data regarding founders, competitors, and advertising strategies. While this involves handling business and personal intelligence, it is the primary stated purpose of the skill and is documented as part of the intelligence gathering phase.
- [EXTERNAL_DOWNLOADS]: The installation instructions use npx to install the skill, which is a standard procedure within the goose-skills ecosystem.
- [COMMAND_EXECUTION]: The skill utilizes a pattern of generating 'Structured Execution Tags' (YAML in HTML comments) which are interpreted by a downstream packet engine to route further automated tasks. This is a form of runtime orchestration based on synthesized data, which is a safe and intended design for this playbook.