Skills
skills/lessieai/lessie-skill/people-search/Gen Agent Trust Hub

people-search

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @lessie/cli package via npm and fetches version metadata from the vendor's official GitHub repository.
  • [COMMAND_EXECUTION]: Shell commands are used to check CLI status, perform version comparisons, and execute the Lessie CLI tool for data retrieval.
  • [DATA_EXFILTRATION]: The skill manages an OAuth token at ~/.lessie/oauth.json for service authentication. It also gathers data from the open web using the web_search and web_fetch tools.
  • [PROMPT_INJECTION]: The skill processes untrusted content from web searches. Ingestion points: web_search and web_fetch tools (SKILL.md). Boundary markers: The skill uses structured CLI filters and instruction parameters (cli-reference.md). Capability inventory: Includes CLI execution, network requests, and file access for authentication. Sanitization: No explicit content sanitization is described in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 01:36 PM