api-mock-server
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires running a persistent Node.js server process (`scripts/server.js`) on the host machine to provide mock API functionality.
- [COMMAND_EXECUTION]: The server exposes a management endpoint (`POST /_api/shutdown`) that triggers `process.exit(0)`, allowing the server to be terminated programmatically via network request.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because its primary purpose is to serve data that an AI agent will consume and act upon.
  - Ingestion points: Data enters the system via the `/_api/routes` management API and through incoming HTTP request headers, query parameters, and bodies that are evaluated against mock conditions.
  - Boundary markers: The server does not implement or enforce boundary markers or instructions for agents to ignore instructions embedded in the mock response data.
  - Capability inventory: The server has the ability to write configuration to the local file system (`scripts/data/routes.json`) and control its own lifecycle (shutdown). It does not have general shell execution capabilities.
  - Sanitization: There is no sanitization or validation performed on user-configured mock responses or the regex patterns used in the condition matcher, which could be exploited for local resource exhaustion (ReDoS).
Audit Metadata