ostergotland-events
Warn
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill explicitly instructs the agent to use shell commands to handle websites with technical issues. It suggests using
curl -k <url> | lynx -dump -stdin(inSKILL.md). The-kor--insecureflag disables SSL certificate verification, which allows communication with potentially compromised or fraudulent servers without warning. - [EXTERNAL_DOWNLOADS]: The skill relies on fetching content from numerous external URLs listed in
references/calendars.md. These include municipal portals and local venue websites (e.g.,visitlinkoping.se,motalasjostad.se,saabarena.com). While these are legitimate local entities, the skill lacks a mechanism to verify the integrity of the downloaded content. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external websites to generate summaries.
- Ingestion points: External event calendars via
webfetchandcurl(defined inSKILL.mdandreferences/calendars.md). - Boundary markers: None identified; the agent is instructed to directly interpret and summarize the fetched text.
- Capability inventory: Ability to execute shell commands (
curl,lynx) and summarize content. - Sanitization: No sanitization or filtering of the fetched HTML/text content is performed before processing.
Audit Metadata