football-betting-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill makes HTTP GET requests to FlashScore's RapidAPI endpoints and performs web scraping on
www.flashscore.coto fetch match previews and statistics. This is the primary purpose of the skill. - [COMMAND_EXECUTION]: The skill uses Python scripts (
build_match_context.pyandgenerate_teams_csv.py) to process API data. These scripts are invoked with specific match or team IDs and do not execute arbitrary shell commands. - [CREDENTIALS_UNSAFE]: The skill requires a
RAPIDAPI_KEY. It securely looks for this key in the environment variableRAPIDAPI_KEYor in local configuration files like~/.claude/settings.json. It does not contain hardcoded secrets. - [DATA_EXFILTRATION]: No sensitive local data is accessed or sent to external servers. The network operations are limited to well-known sports data providers.
- [PROMPT_INJECTION]: The instructions contain strict guidelines to prevent the AI from fabricating data (
[N/A]markers) and to use probabilistic language, which serves as a safety constraint against overconfident or false betting advice.
Audit Metadata