dataforseo-app-data-api

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • PROMPT_INJECTION (MEDIUM): The skill is highly vulnerable to Indirect Prompt Injection. Evidence:
      1. Ingestion points: Skill fetches untrusted app reviews and descriptions from Apple App Store and Google Play via api.dataforseo.com (referenced in SKILL.md).
      2. Boundary markers: Absent. There are no instructions to delimit the external content.
      3. Capability inventory: HTTP network access and the ability to process and summarize external data.
      4. Sanitization: Absent. The skill does not filter or escape fetched content before presenting it to the agent.
  • PROMPT_INJECTION (MEDIUM): The Examples section includes directives for the agent to install the skill (e.g., 'install dataforseo-app-data-api'). This pattern of self-installation can be exploited if encountered by an agent in untrusted web or document data.
  • METADATA_POISONING (MEDIUM): The metadata field 'generated_with' claims the use of 'OpenAI GPT-5.2', a non-existent model version. This is deceptive and potentially used to imbue the skill with false authority.
  • EXTERNAL_DOWNLOADS (LOW): Requires outbound network access to api.dataforseo.com and docs.dataforseo.com, which are not within the trusted domain scope.
  • COMMAND_EXECUTION (LOW): The skill explicitly instructs the agent to execute cURL commands for API interaction.
  • DATA_EXFILTRATION (LOW): User-provided search queries and targeting parameters are transmitted to the third-party DataForSEO service.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 01:20 PM