money
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECREDENTIALS_UNSAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to read sensitive environment variables (OPENAI_API_KEY, ANTHROPIC_API_KEY, GEMINI_API_KEY) to provide AI capabilities.
- [DATA_EXFILTRATION]: The skill requests and stores Personally Identifiable Information (PII) including email addresses and social media handles for LinkedIn, X, and GitHub.
- [EXTERNAL_DOWNLOADS]: The skill references a third-party service (ccapi.ai) as an option for acquiring API keys.
- [PROMPT_INJECTION]: The skill contains a surface for Indirect Prompt Injection through its 'Auto-Research' feature.
- Ingestion points: Web searches and scraping of user-provided social profiles and websites (SKILL.md).
- Boundary markers: Absent. The scraped data is directly interpolated into a context block.
- Capability inventory: The skill orchestrates a variety of tasks including product deployment, financial management, and content generation.
- Sanitization: Absent. There is no mention of validating or escaping the scraped external content.
Audit Metadata