school-finder
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The installation instructions command users to download code from an untrusted GitHub repository (
https://github.com/barneyjm/camino-skills). This source is not part of the predefined trusted list, posing a risk of executing unverified code from an unknown author. - [DATA_EXFILTRATION] (LOW): The script transmits geographic coordinates, search queries, and an API key to
api.getcamino.ai. While this is core to its function, the domain is not on the trusted whitelist for network operations. - [COMMAND_EXECUTION] (SAFE): The shell script uses
jqfor input validation and URI encoding of parameters, which effectively prevents simple command injection via malicious input strings.
Audit Metadata