Skills
skills/andrelandgraf/fullstackrecipes/unit-tests/Gen Agent Trust Hub

unit-tests

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill provides a curl command to fetch a 'recipe' from https://fullstackrecipes.com/api/recipes/unit-tests. This domain is not on the trusted sources list, and the content returned by the API is unverified and potentially executable script or configuration content.\n- COMMAND_EXECUTION (LOW): The skill suggests executing a curl command in the terminal. While the provided snippet does not directly pipe the output to a shell, it facilitates the retrieval of remote content that the user may be inclined to run.\n- PROMPT_INJECTION (LOW): (Category 8: Indirect Prompt Injection Analysis)\n
  • Ingestion points: Fetches remote data from fullstackrecipes.com/api/recipes/unit-tests via the API.\n
  • Boundary markers: Absent; there are no instructions to the agent to treat the fetched content as untrusted.\n
  • Capability inventory: Uses the curl tool for network access.\n
  • Sanitization: None detected; the content is fetched and presented without validation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 05:23 PM