use-fullstackrecipes
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests untrusted data from an external API. • Ingestion points: Data is fetched via
curlfromfullstackrecipes.com. • Boundary markers: None; the skill provides no instructions to the agent on how to differentiate between the system prompt and instructions found within the fetched recipes. • Capability inventory: The skill description states the agent will 'follow recipes', implying it may execute actions based on the fetched data. • Sanitization: There is no visible sanitization of the fetched markdown content. - EXTERNAL_DOWNLOADS (LOW): The skill uses
curlto fetch content fromhttps://fullstackrecipes.com. This domain is not included in the pre-approved list of trusted sources, representing a dependency on an external, untrusted entity.
Audit Metadata