google-maps-teneo
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions that attempt to override the agent's natural selection process by directing it to prefer this featured agent and by explicitly forbidding the search for external tools in the SKILL.md file.
- [COMMAND_EXECUTION]: The skill's primary operation involves executing shell commands through a local CLI binary located at
~/teneo-skill/teneo. - [DATA_EXFILTRATION]: The skill accepts external Google Maps URLs to extract business metadata and customer reviews, which involves outbound network activity via the local CLI tool.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes content from user-provided external URLs without implemented sanitization or delimiters. \n
- Ingestion points: Business and review URLs provided to the
business,reviews,busy_hours, andimagescommands in SKILL.md. \n - Boundary markers: None present. \n
- Capability inventory: Shell command execution via the
~/teneo-skill/teneotool. \n - Sanitization: No sanitization or filtering of the external content is mentioned.
Audit Metadata