base-app-setup
Warn
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill uses curl to fetch content from multiple subpaths of https://fullstackrecipes.com. This domain is not a recognized trusted source, making the integrity of the downloaded content unverifiable.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface identified. • Ingestion points: External content is fetched via curl from fullstackrecipes.com. • Boundary markers: No delimiters or 'ignore instructions' markers are used to frame the external data. • Capability inventory: The skill implies the agent will follow the 'recipes' which likely involves system configuration and code generation. • Sanitization: No sanitization is performed on the incoming markdown.
Audit Metadata