competitor-intel

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from the live web retrieved via nimble search and nimble extract.
      • Ingestion points: Web search results and extracted page content are ingested into the agent context in SKILL.md (Steps 3, 4, 5, and 6).
      • Boundary markers: The skill uses --format markdown for extraction but lacks explicit delimiters or instructions to ignore potential commands embedded in the retrieved web content.
      • Capability inventory: The skill possesses significant capabilities including Bash (subprocess execution), Write (local file persistence in ~/.nimble/), and network access via the vendor CLI.
      • Sanitization: No explicit sanitization or filtering of web-retrieved content is described before it is analyzed by the agent.
  • [COMMAND_EXECUTION]: The skill constructs shell commands using user-supplied arguments (e.g., domain names, company names) in SKILL.md (Step 1 and Step 4). This pattern relies on the agent to correctly sanitize inputs when generating the final Bash tool calls.
  • [EXTERNAL_DOWNLOADS]: During onboarding in references/profile-and-onboarding.md, the skill instructs the user to install the vendor's command-line tool (@nimbleway/cli) using npm install -g. This is a legitimate requirement for the skill's functionality as provided by the author.
  • [CREDENTIALS_UNSAFE]: The skill requires a NIMBLE_API_KEY and, in references/profile-and-onboarding.md, suggests that users add an export command to their ~/.zshrc or ~/.bashrc to persist it. This is a standard but noteworthy practice for CLI tool configuration.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 06:36 PM