investor-company-prospecting
Fail
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions to install a CLI tool using the command
  curl -s "https://code.deepline.com/api/v2/cli/install" | bash
  Piping a remote script directly to a shell bypasses security reviews and can lead to arbitrary code execution if the source or connection is compromised.
- [EXTERNAL_DOWNLOADS]: The skill fetches company portfolio data from well-known sources such as Y Combinator (ycombinator.com), a16z (a16z.com), and Sequoia Capital (sequoiacap.com) using curl. These are documented as external data interactions from established sources.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data from external websites and search results.
  - Ingestion points: VC portfolio pages and job board search results.
  - Boundary markers: Absent in the provided prompt templates.
  - Capability inventory: curl, run_javascript, python, call_ai with tools, and deepline CLI.
  - Sanitization: No sanitization logic is described for the fetched content before it is processed by the AI.
- [COMMAND_EXECUTION]: The skill suggests using Python or JavaScript at runtime to parse fetched HTML content and generate structured CSV files.
Recommendations
- HIGH: Downloads and executes remote code from: https://code.deepline.com/api/v2/cli/install - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata