people-property
Warn
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the 'agentcash' package from the public npm registry, which is an external dependency from a source not listed as a trusted vendor.
- [REMOTE_CODE_EXECUTION]: The use of 'npx agentcash@latest' involves downloading and executing remote code at runtime, which introduces a supply chain risk if the package is compromised.
- [DATA_EXFILTRATION]: Sensitive search data is sent to 'stableenrich.dev', and the skill retrieves sensitive Personally Identifiable Information (PII) such as home addresses and phone numbers, which constitutes a risk of data exposure.
- [COMMAND_EXECUTION]: The skill performs shell command execution via 'npm' and 'npx' to set up the environment and fetch data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Ingestion points: API response data from 'stableenrich.dev' in SKILL.md. Boundary markers: None. Capability inventory: 'npx agentcash' for network data fetching. Sanitization: No evidence of data validation or sanitization before processing API outputs.
Audit Metadata