Skills
skills/andrelandgraf/fullstackrecipes/testing/Gen Agent Trust Hub

testing

Warn

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill contains multiple commands to fetch data from an untrusted external domain.
  • Evidence: curl -H "Accept: text/markdown" https://fullstackrecipes.com/api/recipes/... is used repeatedly throughout SKILL.md to retrieve instructions.
  • Risk: The domain fullstackrecipes.com is not a trusted source. Content retrieved at runtime could be modified to include malicious instructions or code that the agent might unknowingly follow.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to ingest untrusted Markdown content from a remote server, creating a surface for injection.
  • Ingestion points: curl commands in SKILL.md fetching content from fullstackrecipes.com.
  • Boundary markers: None present; external content is treated as authoritative instructions.
  • Capability inventory: The agent is expected to execute setup steps (bash, configuration) based on the downloaded content.
  • Sanitization: No sanitization or validation of the fetched Markdown is performed.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 22, 2026, 02:55 AM