Skills
skills/trancong12102/pi-skills/linkup/Gen Agent Trust Hub

linkup

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill uses curl to interact with the Linkup API. While this is the intended functionality, it relies on the agent to safely interpolate user queries and URLs into the shell command. If the agent does not properly escape shell characters in the QUERY or url parameters, it could lead to local command injection.
  • [PROMPT_INJECTION] (LOW): As a web search and retrieval tool, the skill is susceptible to Indirect Prompt Injection. Content fetched from external websites through the search or fetch endpoints could contain malicious instructions designed to manipulate the agent's behavior.
  • Ingestion points: SKILL.md (defines calls to /v1/search and /v1/fetch which return untrusted web content).
  • Boundary markers: Absent. The skill does not define specific delimiters to wrap the retrieved content.
  • Capability inventory: Subprocess execution via curl for network requests.
  • Sanitization: Absent. There is no mention of escaping or filtering content retrieved from the web before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:30 PM