api-mock-generator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- Command Execution (HIGH): The allowed-tools list includes Bash(curl:*), which lets the agent run curl with any arguments: any URL and method, uploading local files (-d @file, -T file) and writing responses to disk (-o file). Because the wildcard covers every argument, the grant is an unrestricted network client rather than a scoped call to the skill's mock target.
- Data Exfiltration (HIGH): Read access combined with unrestricted curl gives a complete exfiltration path: a subverted agent can load .env files, credentials or source into context with Read and post them to an attacker-chosen host in a single curl command.
- Indirect Prompt Injection (HIGH): The skill ingests external API specifications but applies no input sanitization and no boundary markers, so instructions embedded in a fetched specification are indistinguishable from the operator's instructions. Evidence: Ingestion: API specifications enter context via Read/Edit; Boundary markers: absent; Capability inventory: Read, Write, Bash(curl:*); Sanitization: absent.
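The two capability findings above come from a simple combination check over the allowed-tools inventory. The following is an added example of that check, written for this page and not part of the skill or of the audit tool; it assumes a pattern grammar (bare tool name, or Tool(spec), where a Bash spec ending in :* grants the command with arbitrary arguments) and uses a placeholder host name in the tightened list.

```python
"""Audit an agent skill's allowed-tools list for the two capability findings
reported above: an unrestricted network-capable shell command (command
execution) and, together with a file-reading tool, an exfiltration path.

Assumed pattern grammar (an assumption, not a documented format): an entry is
either a bare tool name such as 'Read' or 'Tool(spec)'. For Bash, a spec that
ends in ':*' grants the leading command with arbitrary trailing arguments; a
spec without the wildcard is treated as a fixed command line.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Commands that can move data off the host once their arguments are unconstrained.
# Shells and interpreters are included because they can open sockets themselves.
NETWORK_CAPABLE = {
    "curl", "wget", "nc", "ncat", "ssh", "scp", "sftp", "rsync",
    "sh", "bash", "zsh", "python", "python3", "node", "perl", "ruby",
}
# Tools that pull local files (and whatever secrets they hold) into the agent's context.
READ_TOOLS = {"Read", "Edit", "Grep", "Glob"}

ENTRY = re.compile(r"^(?P<tool>[A-Za-z]+)(?:\((?P<spec>[^)]*)\))?$")


@dataclass(frozen=True)
class Finding:
    category: str
    severity: str
    evidence: str


def parse_entry(entry: str) -> tuple[str, str | None]:
    """Split 'Bash(curl:*)' into ('Bash', 'curl:*') and 'Read' into ('Read', None)."""
    m = ENTRY.match(entry.strip())
    if m is None:
        raise ValueError(f"unrecognised allowed-tools entry: {entry!r}")
    return m.group("tool"), m.group("spec")


def is_unrestricted_network(spec: str | None) -> bool:
    """True when a Bash spec lets a network-capable command take arbitrary arguments."""
    if spec is None or spec.strip() == "*":
        return True  # bare Bash: every command, network ones included
    if not spec.rstrip().endswith(":*"):
        return False  # fixed command line, no trailing wildcard
    # A URL prefix before ':*' does not help: curl accepts extra URLs and -d @file
    # after it, so the trailing wildcard still yields an unrestricted client.
    words = spec.split(":", 1)[0].split()
    return bool(words) and words[0] in NETWORK_CAPABLE


def unrestricted_network_entries(entries: list[str]) -> list[str]:
    """Return the Bash entries that grant a network-capable command with any arguments."""
    hits = []
    for entry in entries:
        tool, spec = parse_entry(entry)
        if tool == "Bash" and is_unrestricted_network(spec):
            hits.append(entry)
    return hits


def audit_allowed_tools(entries: list[str]) -> list[Finding]:
    """Reproduce the COMMAND_EXECUTION and DATA_EXFILTRATION checks over an inventory."""
    findings: list[Finding] = []
    net = unrestricted_network_entries(entries)
    readers = sorted({parse_entry(e)[0] for e in entries} & READ_TOOLS)
    if net:
        findings.append(Finding(
            "COMMAND_EXECUTION", "HIGH",
            f"unrestricted network-capable commands: {', '.join(net)}"))
    if net and readers:
        findings.append(Finding(
            "DATA_EXFILTRATION", "HIGH",
            f"{', '.join(readers)} can load local files into context and "
            f"{', '.join(net)} can send them to any host"))
    return findings


# Constructed inputs: the inventory reported above, and a tightened list in which
# curl is pinned to one fixed command (the host name is a placeholder).
AS_AUDITED = ["Read", "Write", "Bash(curl:*)"]
TIGHTENED = ["Read", "Write", "Bash(curl https://mock-api.internal.example/openapi.json)"]

if __name__ == "__main__":
    for label, tools in (("as audited", AS_AUDITED), ("tightened", TIGHTENED)):
        cats = [f.category for f in audit_allowed_tools(tools)]
        print(f"{label}: {cats or 'no findings'}")
```

The tightened list clears both capability findings because the check keys on the trailing wildcard, not on the presence of curl; a grant such as Bash(curl https://host/:*) is still flagged, since curl accepts further URLs and -d @file after a prefix. The prompt-injection finding is independent of this inventory and is not addressed by narrowing tools.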
Recommendations
- Remove Bash(curl:*) or pin it to the exact commands the mock generator needs; the unrestricted curl grant is the root of both the Command Execution and Data Exfiltration findings.
- Treat fetched API specifications as untrusted data: wrap them in boundary markers and sanitize instruction-like content before it enters context.
Audit Metadata