lcrm-presales-itinerary
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill operates by executing local Node.js scripts (`presales-itinerary.mjs`, `search.mjs`, `request.mjs`) to perform CRM operations. These scripts use standard CLI argument parsing and process execution models.
- [DATA_EXFILTRATION]: The skill requires an API key (`LCRM_API_KEY`) and communicates with a CRM backend (`crm.langcore.net`). While it sends data to this external service, this is the core intended functionality of the skill. The network requests are handled using the standard `fetch` API with appropriate security headers (Bearer token).
- [DATA_EXPOSURE]: The scripts include functionality to read data from local files via `--payload-file` and `--body-file` arguments. This is used to load JSON payloads for API requests.
  - Ingestion points: `readJsonInput` function in `lib.mjs` reads from user-specified file paths.
  - Boundary markers: No explicit boundary markers or 'ignore' instructions are used when processing the file content.
  - Capability inventory: File system access (`node:fs`) and network operations (`fetch`) are present.
  - Sanitization: The skill performs JSON parsing and basic field validation (e.g., checking for required fields and enum constraints) before sending data to the API.
- [SAFE]: The code is cleanly written, uses modern Node.js features, and follows standard patterns for API-based agent skills. There is no evidence of prompt injection, obfuscation, or persistence mechanisms.