vercel-analytics-setup
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (MEDIUM): The skill provides instructions to fetch a 'recipe' from an untrusted external domain using `curl`.
  - Evidence: `curl -H "Accept: text/plain" https://fullstackrecipes.com/api/recipes/vercel-analytics-setup` in `SKILL.md`.
  - Risk: The fetched content is not hosted on a trusted source and could contain malicious shell commands or scripts that the agent or user might execute blindly.
- Indirect Prompt Injection (LOW): The skill ingests untrusted data from an external resource which could override agent instructions.
  - Ingestion points: `recipe://fullstackrecipes.com/vercel-analytics-setup` and `https://fullstackrecipes.com/api/recipes/vercel-analytics-setup`.
  - Boundary markers: Absent. The instructions do not specify delimiters or warn the agent to ignore embedded instructions in the fetched recipe.
  - Capability inventory: The agent is tasked with fetching and processing content that likely contains setup steps and code snippets.
  - Sanitization: Absent. There is no validation or filtering performed on the content returned by the external API.
Audit Metadata