skills/vm0-ai/vm0-skills/podchaser/Gen Agent Trust Hub

podchaser

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bash -c to execute curl and jq for performing GraphQL requests and parsing the results.
  • [DATA_EXFILTRATION]: The skill stores generated API access tokens in /tmp/podchaser_token.txt and request payloads in /tmp/podchaser_request.json. Storing sensitive tokens in world-writable directories like /tmp is a common but sub-optimal security practice.
  • [PROMPT_INJECTION]: The skill retrieves and processes podcast titles, descriptions, and creator bios from api.podchaser.com, which serves as a vector for indirect prompt injection attacks.
      • Ingestion points: Metadata returned from GraphQL queries to the Podchaser API (SKILL.md).
      • Boundary markers: None identified in the prompt templates.
      • Capability inventory: Execution of bash commands for network requests and file operations.
      • Sanitization: No explicit sanitization or filtering of API response data is performed before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 07:15 AM