Skills
skills/mary4data/clawbee/fridge-tracker/Gen Agent Trust Hub

fridge-tracker

Warn

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands using the sqlite3 CLI to interact with a local database file at /data/workspace/pantry.db. This is evident in the /fridge list, add, remove, and clear commands defined in SKILL.md.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data and uses it in sensitive operations without sanitization.
  • Ingestion points: User input provided via the <item> and <quantity> arguments in the /fridge add and /fridge remove commands.
  • Boundary markers: None. User input is directly interpolated into the SQL command strings.
  • Capability inventory: The skill possesses command execution capabilities via shell calls to sqlite3 and file system modification (writing to the database file), as documented in SKILL.md.
  • Sanitization: No sanitization, escaping, or validation of user input is performed before interpolation into the SQL queries, creating a high risk of SQL injection.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 6, 2026, 02:14 PM