agent-setup
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [External Downloads] (MEDIUM): The skill instructs the agent to fetch content from https://fullstackrecipes.com/api/recipes/agent-setup using curl. This domain is not recognized as a trusted source, posing a risk of downloading unverified content.
- [Indirect Prompt Injection] (MEDIUM): The skill facilitates the ingestion of external 'recipes' to configure agent coding guidelines, creating a vulnerability surface where malicious instructions could be embedded in the fetched configuration.
  - Ingestion points: Fetches data via a custom MCP resource URI and an external API endpoint in SKILL.md.
  - Boundary markers: Absent; there are no instructions to isolate or treat the external content as untrusted.
  - Capability inventory: Configures project-specific patterns and coding guidelines, which directly affects how the agent generates code.
  - Sanitization: None detected; the agent is expected to adopt the patterns as provided.
Audit Metadata