creative-insights-api

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill instructs the agent to 'Build the query string' and 'Execute the curl command' using parameters derived from user input. There are no instructions for sanitization or escaping shell metacharacters. An attacker could provide a parameter value like "; command_here # to execute arbitrary code on the runner's system.
  • DATA_EXFILTRATION (HIGH): The MOTION_API_TOKEN is passed directly into the shell command. If a user successfully injects a command, they can easily exfiltrate this sensitive token or other environment variables to an external endpoint.
  • PROMPT_INJECTION (MEDIUM): The skill lacks boundary markers or instructions to ignore embedded commands within user-provided parameters, making it an easy target for indirect injection to manipulate the API request or the underlying system.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 10:17 AM