real-estate
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill transmits address and coordinate data to api.getcamino.ai as part of its primary location intelligence function. No access to or exfiltration of sensitive local files was detected.
- [Indirect Prompt Injection] (SAFE): The skill presents an attack surface for indirect prompt injection as it processes external API data. Ingestion points: api.getcamino.ai responses. Boundary markers: Absent. Capability inventory: Limited to network requests via curl and JSON processing via jq. Sanitization: Relies on structured API response formats. The risk is minimized by the skill's narrow scope and lack of high-privilege capabilities.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill's code does not perform runtime code execution, untrusted script downloads, or dynamic package installations. The installation instructions in the documentation reference standard package management patterns.
Audit Metadata