Skills
skills/andrelandgraf/fullstackrecipes/better-auth-components/Gen Agent Trust Hub

better-auth-components

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): The skill fetches content from an untrusted API (fullstackrecipes.com) intended for the agent to implement by creating UI components and pages. This creates a high risk of Indirect Prompt Injection (Category 8), as the remote content can control the agent's output and write arbitrary code to the filesystem.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill utilizes curl to fetch unverified recipes from a non-whitelisted domain. This action lacks versioning or integrity verification, relying entirely on the security and trustworthiness of a third-party server.
  • DATA_EXFILTRATION (LOW): The skill performs network requests to a non-whitelisted domain, which establishes a communication channel that could potentially be used to leak environment metadata.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 15, 2026, 09:27 PM