relationship
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): Installation instructions point to an untrusted GitHub repository (barneyjm/camino-skills) and suggest using an unverified installer (clawhub).
- COMMAND_EXECUTION (LOW): The skill uses shell scripts to execute curl and jq for API interaction and data parsing.
- DATA_EXFILTRATION (LOW): User-provided location coordinates and an API key are sent to an external, non-whitelisted domain (api.getcamino.ai).
- PROMPT_INJECTION (LOW): Vulnerable to indirect prompt injection as it processes and outputs descriptions from an external API without strict sanitization beyond JSON validation.
  - Ingestion points: API response from api.getcamino.ai processed in scripts/relationship.sh.
  - Boundary markers: None.
  - Capability inventory: Subprocess execution of curl and jq in scripts/relationship.sh.
  - Sanitization: Validates JSON structure using jq but does not sanitize content of the fields.
Audit Metadata