api-fetcher

Warn

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: Found in 'src/lib.ts'. The script dynamically loads a local module using require() with a variable-defined path (SCHEMA_VALIDATOR_PATH). This pattern is used to bypass build-time directory constraints, but it introduces a risk: the path resolution could be manipulated, or the target file could be replaced in a compromised environment, to execute arbitrary code.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests data from external, potentially untrusted URLs and returns it to the agent context.
      • Ingestion points: Data retrieved from user-specified URLs via fetchApi in 'src/lib.ts'.
      • Boundary markers: None identified. The skill does not wrap the fetched content in delimiters or instruct the agent to ignore embedded directives.
      • Capability inventory: The skill has network access (secureFetch) and file system write access (safeWriteFile) in 'src/index.ts'.
      • Sanitization: Although it applies schema validation via validateData, it does not sanitize the text content of the response to prevent adversarial instructions from influencing the agent's next steps.
  • [EXTERNAL_DOWNLOADS]: The skill is designed to download data from arbitrary remote endpoints using the axios library (via secureFetch). While this is the intended functionality, it is the primary vector for ingesting untrusted content into the local environment and the agent session.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 3, 2026, 06:35 PM