competitor-product-monitor
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands via the TinyFish CLI, interpolating URLs provided by the user or inferred by the agent. This pattern creates a risk of command injection if the input contains shell-sensitive metacharacters.
- [PROMPT_INJECTION]: The skill ingests data from external competitor websites to generate reports, which is a vector for indirect prompt injection.
- Ingestion points: Data is fetched from untrusted competitor websites (blogs, changelogs, etc.) via the TinyFish agent as described in SKILL.md.
- Boundary markers: No delimiters or isolation instructions are used to separate external web content from the agent's processing instructions.
- Capability inventory: The agent can execute system commands using the TinyFish CLI.
- Sanitization: No explicit filtering or sanitization is performed on the content retrieved from the web before it is incorporated into the final report.
- [EXTERNAL_DOWNLOADS]: The skill directs users to install the @tiny-fish/cli package from the npm registry. This package is a resource associated with the skill's authoring organization.
Audit Metadata