og-image-generation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill includes a command to fetch content from
https://fullstackrecipes.com/api/recipes/og-image-generation. This domain is not recognized as a trusted source. Downloading content from untrusted external APIs introduces the risk of the agent receiving malicious instructions or data. - [COMMAND_EXECUTION] (LOW): The skill utilizes the
curlcommand-line tool. While used here for a simple GET request, it represents a capability to interact with external networks that should be monitored. - [Indirect Prompt Injection] (LOW): The skill has an attack surface for indirect prompt injection because it ingests untrusted data from an external API without explicit boundary markers or sanitization logic defined in the skill file.
Audit Metadata