entity-lookup
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlto perform API requests for looking up and deleting user entities. It correctly handles base URL configuration with a safe default (https://api.lytics.io) and includes instructions for URL-encoding values containing special characters. - [DATA_EXFILTRATION]: While the skill reads sensitive user data (profiles, identities, segments), this is the primary intended function. The data is retrieved from the official vendor domain (
api.lytics.io) and presented to the user in a structured format. - [CREDENTIALS_UNSAFE]: Sensitive authentication tokens are managed through the
LYTICS_API_TOKENenvironment variable, avoiding hardcoded secrets and following standard security practices.
Audit Metadata