score-and-tier
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell scripts (api.sh, signup.sh) to interact with the OpenFunnel API and manages its environment. It also performs a directory search to resolve script paths.
- [EXTERNAL_DOWNLOADS]: The skill fetches signal data and account information from the vendor's official API at api.openfunnel.dev.
- [PROMPT_INJECTION]: The skill processes untrusted external data, creating a surface for indirect prompt injection.
  - Ingestion points: Signal data such as job posting text and social media content are retrieved via the account batch API endpoint.
  - Boundary markers: The instructions do not specify the use of delimiters or ignore-instructions to isolate external content.
  - Capability inventory: The agent has the ability to execute shell scripts and perform network operations.
  - Sanitization: There is no documented process for sanitizing or escaping the retrieved signal content before it is used to generate scoring reasoning.
Audit Metadata