goplaces
Warn
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'goplaces' binary from a third-party Homebrew tap ('steipete/tap/goplaces') that is not part of the trusted vendors list.
- [COMMAND_EXECUTION]: It executes the 'goplaces' CLI tool to perform searches and retrieve place details.
- [DATA_EXFILTRATION]: The 'GOOGLE_PLACES_BASE_URL' environment variable allows redirecting API calls and the associated 'GOOGLE_PLACES_API_KEY' to arbitrary external servers.
- [CREDENTIALS_UNSAFE]: Requires the sensitive 'GOOGLE_PLACES_API_KEY' environment variable for operation.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection from untrusted API data.
  1. Ingestion points: Results from 'goplaces' CLI (place names, reviews) ingested in SKILL.md.
  2. Boundary markers: None identified.
  3. Capability inventory: Subprocess execution of 'goplaces' binary.
  4. Sanitization: None.
Audit Metadata