error-tracking

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: HIGH | COMMAND_EXECUTION | DATA_EXFILTRATION | EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides insecure code templates that are vulnerable to SQL Injection.
  • In references/express-middleware-integration.md and SKILL.md.original, the Node.js example directly interpolates the userId parameter into a SQL query: db.query(`SELECT * FROM users WHERE id = ${userId}`).
  • In references/python-sentry-integration.md and SKILL.md.original, the Python example uses an f-string to inject the order_id parameter into a SQL query: db.query(f'SELECT * FROM orders WHERE id = {order_id}').
  • [DATA_EXFILTRATION]: The identified SQL Injection vulnerabilities allow for unauthorized access to the database, which can be exploited to exfiltrate sensitive user and order data.
  • [EXTERNAL_DOWNLOADS]: The skill documentation includes commands to install official Sentry components.
  • Installs the @sentry/cli globally and the @sentry/node and @sentry/tracing packages locally via npm.
  • These resources are associated with Sentry, a well-known technology service.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 4, 2026, 05:20 PM