Skills
skills/andrelandgraf/fullstackrecipes/authentication/Gen Agent Trust Hub

authentication

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill uses curl to fetch content from fullstackrecipes.com. This domain is not on the trusted sources list. While the content is requested as markdown, it serves as the instructional logic for the agent's setup tasks.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted external data.
  • Ingestion points: Multiple curl calls in SKILL.md targeting https://fullstackrecipes.com/api/recipes/*.
  • Boundary markers: Absent. There are no delimiters or instructions telling the agent to treat the fetched content as data rather than instructions.
  • Capability inventory: The skill is designed to configure environments, databases (Neon/Postgres), and authentication systems, which typically involves file modifications and command execution.
  • Sanitization: Absent. The skill does not validate or sanitize the fetched markdown before the agent interprets and acts upon the content.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 22, 2026, 02:50 AM