nutmeg-acquire
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external APIs, web scraping, and downloaded files.
- Ingestion points: Processes content from arbitrary football data providers, including JSON API responses and HTML from web scraping (SKILL.md).
- Boundary markers: Includes a 'Security' section instructing the agent to treat external content as untrusted and never use it to modify system prompts.
- Capability inventory: Employs
Bash,Write, andAgenttools, which could be abused if an injection is successful. - Sanitization: Requires data shape validation and schema checking before processing external content.
- [DATA_EXFILTRATION]: The skill manages sensitive API keys and credentials for various football data providers. It defines safe handling practices, such as storing keys in
.envor.nutmeg.credentials.localfiles and ensuring they are listed in.gitignoreto prevent exposure via version control. - [EXTERNAL_DOWNLOADS]: Fetches datasets and documentation from external repositories, including the official StatsBomb open data on GitHub and the author's own 'reep' entity resolution register. These downloads target well-known repositories or vendor-owned resources.
Audit Metadata