Skills
skills/andrelandgraf/fullstackrecipes/better-auth-emails/Gen Agent Trust Hub

better-auth-emails

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs the agent to download content from https://fullstackrecipes.com/api/recipes/better-auth-emails. This domain is not on the trusted sources list, making the fetched content unverifiable.
  • [REMOTE_CODE_EXECUTION] (LOW): While the curl command does not pipe directly to a shell, it retrieves a 'recipe' which is intended to be processed or implemented by the agent, potentially leading to the execution of unverified logic.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill facilitates the ingestion of untrusted data from an external source, creating an attack surface for indirect injection.
  • Ingestion points: HTTP request to fullstackrecipes.com via curl (SKILL.md).
  • Boundary markers: None identified; the agent is simply told to 'fetch the recipe'.
  • Capability inventory: The agent is expected to interpret and likely apply the instructions contained within the fetched recipe.
  • Sanitization: No evidence of sanitization or validation of the remote content before processing.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 05:26 PM