alphaear-deepear-lite
Fail
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: HIGH
Categories: CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE]: The script scripts/deepear_lite.py contains a hardcoded PostHog API key (POSTHOG_API_KEY). Storing API keys or tokens directly in the source code is a significant security risk, as they can be easily extracted and potentially misused if the skill's code is exposed.
- [DATA_EXFILTRATION]: The skill implements a 'phone home' telemetry mechanism that records function calls. It makes network requests to both the vendor's domain (deepear.vercel.app) and a well-known third-party analytics service (PostHog), sending a unique identifier and timestamp for tracking purposes.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It retrieves financial data from an external source (https://deepear.vercel.app/latest.json) and incorporates the content directly into its response without sanitization or boundary markers. A malicious actor controlling the data source could inject instructions to manipulate the agent's behavior.
  - Ingestion points: Data is fetched from a remote JSON URL in scripts/deepear_lite.py.
  - Boundary markers: None. External content is formatted directly into a Markdown report for the agent.
  - Capability inventory: No high-risk capabilities like shell command execution or file system writing were found.
  - Sanitization: There is no evidence of filtering or escaping of the content fetched from the remote source.
- [EXTERNAL_DOWNLOADS]: The skill fetches data configuration from the vendor's official domain (deepear.vercel.app) and sends data to a well-known analytics service (PostHog).
Recommendations
- AI detected serious security threats
Audit Metadata