supabase-common-errors
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The diagnostic example command `env | grep SUPABASE` in `references/examples.md` accesses the system's environment variables. This action exposes configuration details and potentially sensitive Supabase API keys (such as service role or secret keys) to the AI agent's conversation context during troubleshooting.
- [EXTERNAL_DOWNLOADS]: The skill uses `curl` to interact with `status.supabase.com` and `api.supabase.com` in `references/examples.md`. These are official service endpoints for Supabase and are used here for legitimate connectivity and status diagnostics.
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze error messages from external logs or console output (`SKILL.md`). This untrusted data represents a surface for indirect prompt injection attacks.
  - Ingestion points: Log files and console output containing error messages and codes as described in Step 1 of the instructions.
  - Boundary markers: The instructions do not define delimiters or provide specific guidance to the agent on how to differentiate between legitimate log data and potential instructions embedded within that data.
  - Capability inventory: The skill has access to the `Read`, `Grep`, and `Bash` tools, which could be misused if the agent inadvertently follows commands found in a malicious log entry.
  - Sanitization: There are no verification or sanitization steps specified for the external error content before it is processed by the agent.
Audit Metadata