custom-durable-agent

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill fetches remote content from https://fullstackrecipes.com, which is not a verified or trusted source. This creates an unverified external dependency.
  • REMOTE_CODE_EXECUTION (LOW): The provided curl command retrieves logic meant to configure the agent's tool execution loops. While not immediately executed via a shell pipe, it allows external control over agent behavior.
  • DATA_EXFILTRATION (LOW): The skill initiates a GET request to a non-whitelisted domain, establishing a network communication pattern with third-party infrastructure.
  • PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection. Evidence Chain:
    1. Ingestion Point: Remote recipe fetched via curl.
    2. Boundary markers: None specified in instructions.
    3. Capability inventory: Claims full control over tool loops and configs.
    4. Sanitization: No sanitization of external content is mentioned.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 05:27 PM