Skills
skills/andrelandgraf/fullstackrecipes/better-auth-protected-routes/Gen Agent Trust Hub

better-auth-protected-routes

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill provides a fallback curl command to fetch a 'recipe' from https://fullstackrecipes.com. This domain is not recognized as a trusted source. Downloading content from unverified domains poses a risk as the retrieved data could contain malicious code or configurations.\n- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill ingests data from an external API which could be manipulated by an attacker to inject instructions into the agent's workflow.\n
  • Ingestion points: https://fullstackrecipes.com/api/recipes/better-auth-protected-routes fetched via curl.\n
  • Boundary markers: Absent. The agent is directed to use the fetched recipe without explicit validation.\n
  • Capability inventory: The skill aims to implement server-side route protection, which typically involves modifying application code or middleware configuration.\n
  • Sanitization: None provided.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 04:32 PM