spots
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs the user to download and install software from an untrusted GitHub repository (
github.com/foeken/spots). This source is not verified or part of the trusted organizations list. - [REMOTE_CODE_EXECUTION] (MEDIUM): Using
go installon an untrusted repository downloads source code and compiles it locally, providing a path for executing arbitrary code from an unverified author. - [COMMAND_EXECUTION] (LOW): The skill's primary function is to execute a local binary (
spots) with various command-line arguments. While expected for this tool, it increases the attack surface if the binary is malicious. - [PROMPT_INJECTION] (LOW): Potential for Indirect Prompt Injection as the skill processes data from the Google Places API (reviews, descriptions).
- Ingestion points: API results from Google Places search.
- Boundary markers: Absent in provided documentation.
- Capability inventory: Execution of local binary via subprocess.
- Sanitization: No sanitization logic is described for the API output.
Audit Metadata