nocobase-bugfix
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECREDENTIALS_UNSAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill reads the NOCOBASE_TEST_API_TOKEN from the project's .env file, environment variables, or shell environment. While standard for tool configuration, it involves handling sensitive secrets.\n- [DATA_EXFILTRATION]: The agent transmits the retrieved API token to an external endpoint at https://test_management.v2.test.nocobase.com via a Bearer token header. The target domain is associated with the NocoBase project and aligns with the author's stated purpose.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface by fetching task content from an external API.\n
- Ingestion points: Data returned from the curl command to the task management API at test_management.v2.test.nocobase.com.\n
- Boundary markers: There are no explicit delimiters or instructions to the agent to ignore instructions embedded within the fetched task data.\n
- Capability inventory: The skill provides access to network requests via curl and file system searching via rg (ripgrep).\n
- Sanitization: The fetched content is integrated directly into the context without sanitization or validation.
Audit Metadata