pino-logging-setup
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- External Downloads (MEDIUM): The skill fetches a recipe from a non-whitelisted third-party domain. This content is intended for 'setup', which often involves command execution or configuration changes. Evidence:
https://fullstackrecipes.com/api/recipes/pino-logging-setup. - Prompt Injection (LOW): This skill creates an Indirect Prompt Injection surface by fetching remote data without sanitization. 1. Ingestion points: Remote API response from fullstackrecipes.com. 2. Boundary markers: Absent. 3. Capability inventory: Content is processed as instructions for setting up logging. 4. Sanitization: None identified.
Audit Metadata