env-config
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The README.md file recommends the command 'curl -LsSf https://astral.sh/uv/install.sh | sh', which pipes a script fetched over the network straight into a shell. Nothing is saved, inspected or verified before it runs, so whatever that URL serves at install time executes with the user's privileges; if the script is modified by an attacker (a compromised host, a redirect, an interposed download path), the modification is arbitrary code execution on the user's system. The usual check is to download the script to a file, read it, and compare it against a checksum for a pinned release before running it.
- EXTERNAL_DOWNLOADS (CRITICAL): The skill pulls its dependency from an external domain, astral.sh, that is not on the list of trusted external sources. Because the download is also executed without verification (see the finding above), nothing in the skill vouches for what that domain serves.
- PROMPT_INJECTION (LOW): (Category 8: Indirect Prompt Injection) The skill defines logic that loads variables from .env and secrets.json files without sanitization, so the contents of those files are an ingestion path for text the skill did not author.
  - Ingestion points: the environment loading logic in references/api-reference.md.
  - Boundary markers: absent; nothing marks loaded values as data rather than instructions.
  - Capability inventory: the loaded secrets are high-privilege credentials for AWS, Stripe and several AI service APIs.
  - Sanitization: none; values read from the configuration files are neither validated nor sanitized before use.
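As an added example, not code from the env-config skill or from the audit, the following Python module implements the checks the first and third findings call for. Part 1 replaces the piped install with save, verify, then run against a digest pinned at review time; part 2 loads .env and secrets.json through a key allowlist and a printable-ASCII value policy, and exposes only key names to anything that builds a prompt or a log. The key names in ALLOWED_KEYS, the sample .env and secrets.json text, and the hostile value are all assumptions constructed for the demonstration; the digest of the real uv installer is not given on this page and has to be taken from a copy you have reviewed yourself.

```python
"""Added example (not the skill's own code): checks for the findings above.
verify_installer/run_installer execute the installer only if its SHA-256 matches
a digest pinned at review time; parse_dotenv/parse_secrets_json accept values only
for allowlisted keys and only as short printable ASCII, so a planted value cannot
carry newlines or escape sequences into the environment, a shell, a log or a prompt."""
import hashlib
import hmac
import json
import os
import re
import subprocess
import tempfile

# ---- 1. installer pinning, the replacement for `curl ... | sh` ----

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def verify_installer(data: bytes, pinned_sha256: str) -> bool:
    """True only if the fetched bytes match the digest recorded when reviewed."""
    return hmac.compare_digest(sha256_hex(data), pinned_sha256.lower())

def run_installer(data: bytes, pinned_sha256: str) -> int:
    """Save the script to a file and run it with sh; refuse on any mismatch."""
    if not verify_installer(data, pinned_sha256):
        raise RuntimeError("installer digest mismatch, refusing to execute")
    with tempfile.NamedTemporaryFile("wb", suffix=".sh", delete=False) as f:
        f.write(data)
    try:
        return subprocess.run(["sh", f.name], check=False).returncode
    finally:
        os.unlink(f.name)

# ---- 2. strict loading of .env and secrets.json ----

# Hypothetical allowlist: the skill's real key names are not given on the page.
ALLOWED_KEYS = {"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "STRIPE_SECRET_KEY",
                "OPENAI_API_KEY", "ANTHROPIC_API_KEY"}
VALUE_RE = re.compile(r"[\x20-\x7e]{1,512}")  # printable ASCII only: no NUL/LF/TAB/ESC

class ConfigError(ValueError):
    """Malformed or out-of-policy configuration."""

def validate_value(key: str, value: str) -> str:
    if not VALUE_RE.fullmatch(value):
        raise ConfigError(f"{key}: value must be 1-512 printable ASCII characters")
    return value

def parse_dotenv(text: str) -> dict:
    """KEY=value lines, optional 'export ' and one pair of quotes; unknown keys
    are dropped, duplicates and out-of-policy values are errors."""
    out = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("export "):
            line = line[7:].lstrip()
        key, sep, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if not sep or not key:
            raise ConfigError(f".env line {lineno}: expected KEY=value")
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        if key not in ALLOWED_KEYS:
            continue
        if key in out:
            raise ConfigError(f".env line {lineno}: duplicate key {key}")
        out[key] = validate_value(key, value)
    return out

def parse_secrets_json(text: str) -> dict:
    """secrets.json must be a flat JSON object whose values are strings."""
    try:
        data = json.loads(text)
    except json.JSONDecodeError as exc:
        raise ConfigError(f"secrets.json: {exc}") from None
    if not isinstance(data, dict):
        raise ConfigError("secrets.json: top level must be an object")
    out = {}
    for key, value in data.items():
        if key in ALLOWED_KEYS:
            if not isinstance(value, str):
                raise ConfigError(f"{key}: must be a string, got {type(value).__name__}")
            out[key] = validate_value(key, value)
    return out

def load_config(dotenv_text: str, secrets_text: str) -> dict:
    """Merge both sources; secrets.json wins for a key present in both."""
    cfg = parse_dotenv(dotenv_text)
    cfg.update(parse_secrets_json(secrets_text))
    return cfg

def prompt_safe_summary(cfg: dict) -> str:
    """The only form of the config that may reach a model or a log: key names."""
    return "configured keys: " + (", ".join(sorted(cfg)) or "none")

# Constructed samples (not from the skill): a benign .env, one smuggling an
# OSC escape sequence into a value, and a secrets.json with a non-string value.
SAMPLE_DOTENV = '# placeholders\nexport STRIPE_SECRET_KEY="sk_test_placeholder"\nOPENAI_API_KEY=sk-placeholder\nEDITOR=vim\n'
SAMPLE_DOTENV_HOSTILE = "AWS_SECRET_ACCESS_KEY=abc\x1b]0;pwned\x07"
SAMPLE_SECRETS = '{"OPENAI_API_KEY": "sk-from-json", "ANTHROPIC_API_KEY": "placeholder"}'
SAMPLE_SECRETS_BAD = '{"STRIPE_SECRET_KEY": ["not", "a", "string"]}'
```

Unknown keys are dropped rather than rejected so a shared .env can carry unrelated entries; a stricter deployment would fail on them. The printable-ASCII policy rejects non-ASCII secrets on purpose, given the credential types listed in the finding; widen VALUE_RE if a provider issues such values. run_installer really executes the script it is given, so only hand it bytes whose digest you pinned after reading them.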
Recommendations
- HIGH: Downloads and executes remote code from https://astral.sh/uv/install.sh. DO NOT USE without thorough review: fetch the script to a file, read it, and run it only after its contents have been verified against a checksum for a pinned release.
- AI detected serious security threats
Audit Metadata