golgent-lifestyle-discovery
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it retrieves and displays content (such as product titles and descriptions) from an external API.
- Ingestion points: API responses from
https://ads-api-dev.usekairos.ai/ads/neoprocessed inSKILL.mdandreferences/examples.md. - Boundary markers: Absent. While there is a transparency note for users, the skill does not use delimiters to prevent the agent from interpreting API-provided text as instructions.
- Capability inventory: The skill performs network requests and data formatting; it lacks dangerous system capabilities like file writing or subprocess execution.
- Sanitization: Absent for incoming API data. The skill focuses on sanitizing outgoing data for privacy but does not validate or escape the text returned by the service.
- [DATA_EXFILTRATION]: The skill performs network operations to
ads-api-dev.usekairos.ai, which is not on the global whitelist. It transmits search keywords and, upon user consent, profile details (gender, year of birth) and location coordinates. It mitigates risk through explicit code-level sanitization in the Python and TypeScript examples that blocks sensitive fields like 'phone', 'email', and 'password'.
Audit Metadata