
query

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The installation instructions in SKILL.md suggest using npx skills add or npx clawhub to install from https://github.com/barneyjm/camino-skills. This source is not within the trusted organizations or repositories list, representing an unverifiable dependency source.
  • COMMAND_EXECUTION (LOW): The script scripts/query.sh executes curl and jq. While these are standard tools, they are used to process user input and interact with external services.
  • DATA_EXFILTRATION (LOW): The script sends the CAMINO_API_KEY to https://api.getcamino.ai. Although this is the primary service domain for the skill, it is not on the pre-approved whitelist for data transmission.
  • PROMPT_INJECTION (LOW): As an indirect injection surface (Category 8), the skill processes natural language queries and may ingest web-enriched data from the API's 'advanced' mode.
      • Ingestion points: API response data in scripts/query.sh.
      • Boundary markers: Absent in the script's handling of API output.
      • Capability inventory: Shell command execution via curl and jq.
      • Sanitization: The script correctly uses jq's @uri filter to sanitize user-provided parameters before making the network request.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 03:31 PM