Skills
skills/eng0ai/eng0-template-skills/tanstack-chat-netlify/Gen Agent Trust Hub

tanstack-chat-netlify

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill clones a repository from https://github.com/netlify-templates/tanstack-template.git. Since the netlify-templates organization is not in the predefined list of trusted sources, the content of this repository is considered untrusted and could contain malicious code.
  • COMMAND_EXECUTION (MEDIUM): After cloning the external repository, the skill executes npm install and npm run build. These commands trigger the execution of scripts defined within the downloaded repository's package.json, creating a path for Remote Code Execution (RCE) via an untrusted external dependency.
  • INDIRECT_PROMPT_INJECTION (LOW): As a chat application utilizing 'Claude AI', the resulting software has an inherent attack surface for indirect prompt injection.
  • Ingestion points: User-provided chat messages.
  • Boundary markers: None defined in the setup script.
  • Capability inventory: The setup process requires shell access for npm and netlify commands.
  • Sanitization: Not addressed in the deployment template.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:07 PM