neon-test-branches

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill uses curl to fetch content from https://fullstackrecipes.com/api/recipes/neon-test-branches. This domain is not on the trusted source list. Fetching logic or scripts from unverified third-party APIs is a significant security risk.
  • REMOTE_CODE_EXECUTION (HIGH): The skill's purpose is 'test server orchestration' and 'environment variable management,' implying that the 'recipe' fetched via curl is intended to be executed or interpreted by the agent. Executing unverified remote scripts allows for arbitrary code execution on the host system.
  • DATA_EXFILTRATION (MEDIUM): Since the skill manages database branches and environment variables, it likely handles sensitive secrets (e.g., Neon API tokens). Fetching external code that interacts with these secrets creates a high risk of credential theft.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 09:40 PM