Skills
skills/andrelandgraf/fullstackrecipes/neon-drizzle-setup/Gen Agent Trust Hub

neon-drizzle-setup

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill provides instructions to fetch data using curl from https://fullstackrecipes.com. This domain is not part of the trusted external sources list, posing a risk of ingesting unverified content.
  • PROMPT_INJECTION (LOW): The skill implements an indirect prompt injection surface by fetching external 'recipes' to be processed by the agent.
  • Ingestion points: The curl command in SKILL.md fetches content from an external API.
  • Boundary markers: Absent; there are no delimiters or instructions to treat the fetched content as untrusted data.
  • Capability inventory: The agent is expected to use the fetched recipe to perform complex setup tasks, including code generation and database configuration.
  • Sanitization: None; the skill does not suggest any validation or sanitization of the fetched content.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:06 PM