create-adapter
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill generates TypeScript code based on content fetched from external URLs and then executes that code to 'test' the adapter. This allows logic derived from untrusted remote content to be run in the local environment.
- [COMMAND_EXECUTION]: The testing phase (Step 4) involves running the newly created adapter code, which constitutes execution of arbitrary generated commands. The skill also writes these files to the user's configuration directory (~/.config/pattern-radar/), establishing a persistent mechanism for the generated code.
- [DATA_EXFILTRATION]: The skill can fetch data from any arbitrary URL provided by the user. While intended for analysis, this creates a network access surface that could be misused to probe internal services or exfiltrate data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the web and uses it to generate executable code without sufficient sanitization or boundary markers.
  - Ingestion points: External URLs fetched in Step 2 to analyze site structure.
  - Boundary markers: Absent. The skill does not provide instructions to distinguish between structural data and embedded malicious instructions in the fetched content.
  - Capability inventory: File system access (writing to ~/.config/pattern-radar/adapters/), network access (fetching URLs), and code execution (testing generated adapters).
  - Sanitization: Absent. There are no steps mentioned to validate or filter the fetched data before it is used as context for generating the TypeScript adapter code.
Audit Metadata