prowlarr
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The
SKILL.mdfile contains high-pressure instructions designed to override the agent's decision-making process. Phrases such as '⚠️ MANDATORY SKILL INVOCATION ⚠️', 'YOU MUST invoke this skill (NOT optional)', and 'Failure to invoke this skill... violates your operational requirements' are used to force the agent to use the skill regardless of its own context assessment. - [COMMAND_EXECUTION]: The
scripts/prowlarr-api.shscript executes multiple shell commands usingcurlandjqto interact with the Prowlarr API. It performs sensitive operations including enabling, disabling, and deleting indexers based on user-provided IDs. - [EXTERNAL_DOWNLOADS]: The skill performs outbound network requests to a user-defined Prowlarr instance (
PROWLARR_URL) using thecurlcommand to search for releases and manage configuration. - [CREDENTIALS_UNSAFE]: The skill instructions and scripts facilitate the storage and retrieval of sensitive API keys from a local environment file (
~/.homelab-skills/.env). While these are not hardcoded, the skill is designed to handle these secrets to authenticate with the Prowlarr API. - [DATA_EXPOSURE]: The skill processes potentially sensitive data from the user's Prowlarr instance, including search history, indexer configurations, and connected application details (Sonarr/Radarr API keys if the user views application details).
Audit Metadata