sprintflint-api
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The README.md instructions recommend installation via
npx skills add Ancez/sprintflint-skills. The repository/user 'Ancez' is not a trusted source according to the predefined list of organizations and repositories. - [PERSISTENCE] (MEDIUM): The documentation explicitly instructs users to modify shell configuration files such as
~/.bashrcand~/.zshrcto storeSPRINTFLINT_API_TOKEN. While this is a common method for managing environment variables, these are sensitive files often targeted for persistence mechanisms. - [DATA_EXFILTRATION] (LOW): The skill performs network operations using
curltosprintflint.com. This domain is not on the established whitelist for network operations. However, this is consistent with the skill's primary stated purpose. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill possesses a vulnerability surface for indirect prompt injection.
- Ingestion points: The skill reads data (titles, descriptions, comments) from the SprintFlint API via
GETrequests. - Boundary markers: No explicit boundary markers or safety instructions are defined to separate untrusted data from the agent's instructions.
- Capability inventory: The skill can perform state-changing operations including creating, updating, and deleting projects, sprints, issues, and comments via
POST,PATCH, andDELETErequests. - Sanitization: There is no evidence of sanitization or validation of the content retrieved from the external API before it is processed by the agent.
Audit Metadata