people-property
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation and execution of the 'agentcash' package from the npm registry, which involves running external code on the system.
- [COMMAND_EXECUTION]: The skill uses 'npx agentcash@latest fetch' to communicate with the Whitepages API. This pattern executes the latest remote version of the tool, constituting dynamic code execution.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes unstructured data from an external API (stableenrich.dev). 1. Ingestion points: API responses including fields like 'name', 'currentAddress', and 'associatedPeople'. 2. Boundary markers: No delimiters are specified to isolate external data from the agent's core instructions. 3. Capability inventory: The skill has the ability to execute network requests via 'npx agentcash fetch'. 4. Sanitization: No evidence of validation or sanitization of the API responses is provided.
Audit Metadata