freeagent-api
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface. The skill ingests external data from API responses and CSV files which may contain instructions that could influence the agent.
- Ingestion points: API response bodies (banking-financial.md, contacts-organizations.md) and CSV file parsing (contacts-organizations.md).
- Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided.
- Capability inventory: The skill possesses Bash, Write, and Edit capabilities which could be targeted by data-driven instructions.
- Sanitization: No input validation or instruction filtering for ingested data is present.
- EXTERNAL_DOWNLOADS (SAFE): Network communication is directed solely to the official FreeAgent API endpoints.
- CREDENTIALS_UNSAFE (SAFE): No hardcoded secrets were found; the skill appropriately utilizes environment variables for authentication tokens.
Audit Metadata