cup-cig
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Guides the agent to use shell commands including
curl,jq, andduckdbfor retrieving and formatting public contract information. - [EXTERNAL_DOWNLOADS]: Fetches procurement metadata and financial status from multiple official Italian government domains, such as
sogei.it,mef.gov.it,serviziocontrattipubblici.it,anticorruzione.it, andopencoesione.gov.it. - [COMMAND_EXECUTION]: Notes that the
curl -k(insecure) flag is required forserviziocontrattipubblici.itdue to a self-signed certificate on the government server; this is presented as a necessary workaround for an official data source.
Audit Metadata