Skills
skills/dolesshq/self-obsolescence/supabase-splinter-review/Gen Agent Trust Hub

supabase-splinter-review

Fail

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The script scripts/run_splinter.sh extracts the database connection URL (DB_URL) from the Supabase CLI environment or uses a default fallback. This URL typically includes the plaintext password (e.g., postgresql://user:password@host).
  • Evidence: Line 35 in scripts/run_splinter.sh executes echo "db_url=$DB_URL" > "$META_PATH", writing sensitive credentials to a plain text file in the skill's subdirectory.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill downloads an external SQL script from GitHub at runtime.
  • Evidence: scripts/run_splinter.sh uses curl -fsSL to fetch splinter.sql from raw.githubusercontent.com/supabase/splinter/.
  • [TRUST-SCOPE-RULE]: Severity is downgraded to LOW because supabase is a Trusted GitHub Organization.
  • [COMMAND_EXECUTION] (MEDIUM): The skill executes a downloaded SQL file against the local database instance.
  • Evidence: scripts/run_splinter.sh executes psql "$DB_URL" ... -f "$SPLINTER_SQL_PATH".
  • [INDIRECT_PROMPT_INJECTION] (LOW): The agent is instructed to parse findings from a CSV file generated by auditing the database.
  • Ingestion points: .splinter/splinter_results.csv.
  • Boundary markers: Absent.
  • Capability inventory: psql execution, file reading/writing.
  • Sanitization: Absent. A compromised or malicious database state could potentially inject instructions into the CSV that influence the agent's remediation plan.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 23, 2026, 06:04 AM