Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access detected.
- [COMMAND_EXECUTION]: Executes curl commands to interact with the official LinkedIn REST API at api.linkedin.com. This behavior is transparent and consistent with the skill's stated purpose.
- [CREDENTIALS_UNSAFE]: Uses the LINKEDIN_ACCESS_TOKEN environment variable for authentication. No hardcoded credentials or sensitive secrets were identified.
- [PROMPT_INJECTION]: The skill accepts user-provided input for organization identifiers and post content, which creates a surface for indirect prompt injection. This risk is effectively mitigated by the skill's instruction to always confirm with the user before creating posts.
Audit Metadata