magic-link-auth-companion
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes authentication data from external backends, creating a surface for potential indirect prompt injection if these sources are compromised. Ingestion points: Data is ingested from an external PHP API (EXTERNAL_CONFIG_BASE_URL) and Redis storage. Boundary markers: While the skill instructions require JSON validation, there are no explicit prompt delimiters or 'ignore instructions' warnings for data interpolated into the UI. Capability inventory: The skill can generate magic links, revoke tokens, and modify dashboard templates. Sanitization: The skill mandates masking sensitive data and verifying the integrity of API responses.
- [DATA_EXFILTRATION]: The skill performs network operations to an external backend for token management via the EXTERNAL_CONFIG_BASE_URL endpoint. This communication is a documented component of the vendor's authentication architecture.
- [COMMAND_EXECUTION]: The skill includes a Python utility script, revoke_magic_links.py, which is designed for local CLI execution to manage token revocation across the system.
Audit Metadata