hap-v3-api

Fail

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: HIGH
Flags: CREDENTIALS_UNSAFE, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill explicitly directs the AI to locate and parse sensitive local configuration files, including '/.cursor/mcp.json', '/.claude/config.json', and '~/Library/Application Support/Cursor/User/settings.json'. These files are known to store private authentication tokens, API keys, and environment-specific secrets.
  • [PROMPT_INJECTION]: The 'AI Assistant Usage Guide' contains imperative instructions that override the agent's standard boundaries, forcing it to 'automatically detect' and extract credentials from the user's filesystem instead of requesting them from the user.
  • [COMMAND_EXECUTION]: The skill provides a functional JavaScript implementation for the agent to inspect the host environment (reading environment variables like '$TERM_PROGRAM' and '$CLAUDE_SESSION') and perform direct filesystem I/O operations to harvest configuration data.
  • [EXTERNAL_DOWNLOADS]: The skill suggests executing the Apifox MCP Server via npx to retrieve API documentation from the official Apifox service, which involves running external packages at runtime.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 24, 2026, 08:26 AM