env-workflow-vercel
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill provides a fallback command to fetch a 'recipe' directly from https://fullstackrecipes.com/api/recipes/env-workflow-vercel using curl.
  - Evidence: The domain fullstackrecipes.com is not included in the list of Trusted External Sources.
  - Context: While the command does not explicitly pipe to a shell (e.g., | bash), fetching remote content for 'workflows' or 'recipes' often leads to the execution of the downloaded content or its inclusion in the prompt context, posing a risk of untrusted code or instruction delivery.
- [Category 8] INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to ingest and process data from an external API.
  - Ingestion points: The output of the curl command from the external API.
  - Boundary markers: None present in the provided snippet to delimit the external content.
  - Capability inventory: The skill description mentions the ability to 'load env vars in scripts' and 'sync with Vercel CLI', suggesting command execution capabilities.
  - Sanitization: No sanitization logic is visible for the fetched recipe content.
Audit Metadata