parking-finder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill provides installation instructions via `npx skills add` from a GitHub repository and `clawhub`. While these are external sources, the provided script logic is static and does not involve the dynamic execution of remote content at runtime.
- Command Execution (SAFE): The shell script uses `curl` to interact with the Camino AI API and `jq` for JSON processing. These commands are used for their intended purposes and are common in agent skills.
- Data Exposure & Exfiltration (SAFE): The skill transmits search parameters to `api.getcamino.ai`. This is the primary function of the skill. It requires an API key via an environment variable (`CAMINO_API_KEY`) and does not attempt to access sensitive local files like SSH keys or AWS credentials.
- Indirect Prompt Injection (LOW): The skill ingests user-provided queries to search for parking.
  - Ingestion points: The `query` parameter within the JSON input to `parking-finder.sh`.
  - Boundary markers: None explicitly present in the script.
  - Capability inventory: Uses `curl` to make network requests.
  - Sanitization: The script uses `jq`'s `@uri` filter to properly URL-encode the user input before it is interpolated into the API request, which prevents the input from breaking out of the query string and manipulating the HTTP request structure.
Audit Metadata