PrivateInvestigator
Warn
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to install tools and curl to send notifications to a local server.
- [EXTERNAL_DOWNLOADS]: Workflows in ReverseLookup.md and SocialMediaSearch.md download third-party Python packages (holehe, sherlock-project) from the public PyPI registry.
- [REMOTE_CODE_EXECUTION]: The skill executes external tools (holehe, sherlock) immediately after installation to perform automated data collection.
- [PROMPT_INJECTION]: The skill interpolates user-provided data into research agent prompts without sanitization or boundary markers. Ingestion point: Workflows/FindPerson.md; Boundary markers: Absent; Capability inventory: curl (SKILL.md), pip, holehe, sherlock (ReverseLookup.md); Sanitization: Absent.
- [DATA_EXFILTRATION]: The core functionality involves aggregating and exposing sensitive PII, including current addresses, phone numbers, and legal records.
Audit Metadata