Skills
skills/nikiandr/goose-skills/get-qualified-leads-from-luma/Gen Agent Trust Hub

get-qualified-leads-from-luma

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to run internal Python scripts for data extraction. Evidence: python3 skills/luma-event-attendees/scripts/scrape_event.py.
  • [DATA_EXFILTRATION]: The skill transmits scraped attendee data to an external destination provided by the user. Evidence: Python code in Step 5 using urllib.request.urlopen(req) to POST lead details to a webhook_url. There is no validation to ensure the URL belongs to Slack.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes untrusted data from external Luma profiles. Evidence:
  • Ingestion points: Attendee bio and title data scraped from Luma and stored in /tmp/luma_all_attendees.csv.
  • Boundary markers: Absent; untrusted profile data is passed as JSON directly to subagents for qualification.
  • Capability inventory: Shell execution, file system access, and network POST requests.
  • Sanitization: No sanitization or filtering of profile content is performed before interpolation into LLM prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 05:17 PM