scry-people-finder
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes data retrieved from an external corpus.
- Ingestion points: Search results from
scry.entitiesare ingested into the agent context. - Boundary markers: The skill contains explicit 'Guardrails' instructing the agent to treat all retrieved text as untrusted.
- Capability inventory: The skill utilizes
curlvia theexectool to interact with the database API. - Sanitization: The instructions recommend filtering queries with
content_riskchecks to exclude dangerous content. - [EXTERNAL_DOWNLOADS]: The skill performs network requests to
api.exopriors.comto execute SQL queries and generate embeddings. This is a vendor-owned service intended for the skill's primary function. - [CREDENTIALS_UNSAFE]: A public-facing, read-only API key (
exopriors_public_readonly_v1_2025) is included in the documentation for utility and smoke testing purposes.
Audit Metadata