supabase-storage
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill provides an interface for the agent to interact with storage objects using data that may originate from untrusted sources (e.g., user-uploaded file names). \n
- Ingestion points: Path and name parameters used in
upload(),remove(),move(), andcopy()methods withinSKILL.md. \n - Boundary markers: No boundary markers, delimiters, or instructions to ignore embedded commands are present to protect the agent from path-based attacks. \n
- Capability inventory: High-privilege file operations are exposed, including file deletion (
remove), file movement (move), and data overwriting viaupsert: true. \n - Sanitization: There is no evidence of sanitization, validation, or path-normalization logic to prevent an attacker from manipulating the agent into performing unauthorized operations via malicious input strings.
Recommendations
- AI detected serious security threats
Audit Metadata