competitive-intel
Fail
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes several shell commands, including
curl,gh,diff,mkdir, andcat, to automate website monitoring, API interaction, and local data management. - [EXTERNAL_DOWNLOADS]: The skill performs automated network requests to external domains such as
competitor.comandapi.twitter.comto retrieve content for analysis. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes unverified data from external sources.
- Ingestion points: Data enters the agent's context through web crawling of competitor pages and social media search results.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the fetched content as untrusted or to disregard potential instructions within that data.
- Capability inventory: The skill environment permits shell command execution and local file modifications, which could be exploited if an injection attack successfully manipulates the agent's logic.
- Sanitization: The skill does not implement any validation or sanitization of the retrieved HTML or text content before using it to generate reports.
- [REMOTE_CODE_EXECUTION]: An automated scan identified a pattern where a remote URL is piped to
python3. Manual verification confirms this as a false positive; the skill uses the-cflag to run a hardcoded local extraction script that treats the URL content strictly as data via stdin.
Recommendations
- HIGH: Downloads and executes remote code from: https://competitor.com/pricing - DO NOT USE without thorough review
Audit Metadata