hackathon-finder
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses shell commands to verify tool installation (
which tinyfish) and execute parallel search agents using the vendor-providedtinyfishCLI tool. - [EXTERNAL_DOWNLOADS]: Directs users to install the
@tiny-fish/clipackage from npm and visit the vendor's website (https://agent.tinyfish.ai/api-keys) for API credentials. - [PROMPT_INJECTION]: The skill exhibits surfaces for both direct and indirect prompt injection. User-provided location and technology inputs are interpolated into shell commands used by the CLI; while the instructions recommend URL-encoding, any failure in the agent's execution of this step could lead to command injection. Furthermore, the skill processes untrusted content from external platforms. Ingestion points: Scraped hackathon listing data from Devpost, MLH, Luma, and Eventbrite (SKILL.md). Boundary markers: Absent; no instructions are provided to delimit external content or warn the agent against embedded instructions. Capability inventory: Subprocess execution via
tinyfish agent run, local file writes to/tmp, and network access (SKILL.md). Sanitization: Absent; the scraped data is used for scoring and display without explicit validation or escaping.
Audit Metadata