auth0-express

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Finding categories: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the Auth0 CLI installation script from the vendor's official GitHub repository during the automated setup workflow.
  • [REMOTE_CODE_EXECUTION]: Executes the Auth0 CLI installation script to configure the local development environment.
  • [COMMAND_EXECUTION]: Uses shell commands and the Auth0 CLI to automate the creation of Auth0 applications and the retrieval of configuration metadata.
  • [PROMPT_INJECTION]: The skill includes code patterns that render external user profile data (e.g., name and email) directly into HTML responses, representing a surface for indirect prompt injection.
  • Ingestion points: Untrusted user data enters the system through the req.oidc.user object provided by the Auth0 middleware in SKILL.md and references/api.md.
  • Boundary markers: The simplified code examples lack explicit delimiters or instructions to ignore embedded content within the profile fields.
  • Capability inventory: The application uses res.send() and template rendering to deliver data to the client's browser.
  • Sanitization: The examples interpolate profile data directly into response strings without escaping or output encoding.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 05:46 PM