scaffolding-fastapi-dapr
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The 'references/dapr-patterns.md' file recommends installing the Dapr CLI using 'curl -fsSL https://raw.githubusercontent.com/dapr/cli/master/install/install.sh | bash'. This is a high-risk pattern that executes arbitrary code from a remote source that is not listed as a trusted organization.
- EXTERNAL_DOWNLOADS (LOW): The skill documentation instructs the installation of standard Python packages like 'fastapi', 'sqlmodel', 'pydantic', 'httpx', 'python-jose', 'uvicorn', 'sqlalchemy', 'asyncpg', 'aiosqlite', and 'alembic' from the PyPI registry.
- PROMPT_INJECTION (MEDIUM): The templates for Dapr event handlers in 'SKILL.md' and 'references/dapr-patterns.md' (e.g., handle_task_created and handle_task_events) ingest untrusted JSON data from external events and job callbacks. This data is used in database operations without any sanitization or the use of boundary markers, creating a surface for indirect prompt injection if the stored data is later retrieved and processed by an AI agent.
- COMMAND_EXECUTION (LOW): The skill includes a local verification script 'scripts/verify.py' and instructions for standard development commands like 'uv run' and 'dapr run'.
Recommendations
- AI detected serious security threats
Audit Metadata