Goose is a powerful, locally-run AI agent that excels in privacy and extensibility but requires careful configuration to mitigate prompt injection risks when connecting to external data sources.
Goose is fully open-source under the Apache 2.0 license, allowing unrestricted commercial use and modification without vendor lock-in.
The tool executes locally on the user's machine via CLI or Desktop app and guarantees data isolation, especially when paired with local models like Ollama.
Goose integrates heavily with the Model Context Protocol (MCP), enabling it to connect with diverse external data sources and developer tools.
Due to architectural vulnerabilities in how LLMs process MCP-ingested data, Goose is susceptible to prompt injection attacks if it accesses untrusted content like calendar invites or external APIs.
Block's internal security team proactively tested the agent (Operation Pale Fire) and publicly shared the risks, demonstrating strong corporate security transparency.