auth0-express

Fail

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): The file references/setup.md contains a command that pipes a remote script from GitHub directly into the shell. This pattern is highly susceptible to compromise. Evidence: curl -sSfL https://raw.githubusercontent.com/auth0/auth0-cli/main/install.sh | sh.
  • EXTERNAL_DOWNLOADS (MEDIUM): The setup script downloads the Auth0 CLI from the auth0 GitHub organization, which is not included in the predefined list of trusted organizations.
  • COMMAND_EXECUTION (LOW): The skill requires the execution of multiple system commands for environment setup and application execution, such as npm install, node app.js, and openssl. These are standard for the skill's purpose.
  • PROMPT_INJECTION (LOW): The skill has an indirect prompt injection surface where user data from an external provider is rendered in HTML templates. Ingestion point: req.oidc.user in references/api.md. Boundary markers: Absent. Capability inventory: Route protection and session management. Sanitization: Uses EJS escaping (<%= %>).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 20, 2026, 05:42 AM