Skills
AGENT LAB: SKILLS
skills/nice-wolf-studio/claude-code-supabase-skills/supabase-auth/Gen Agent Trust Hub

supabase-auth

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill provides numerous examples of bash shell commands used to interact with the Supabase API.
  • Evidence: Examples in SKILL.md like supabase_post "/auth/v1/signup" '{"email": "'"${USER_EMAIL}"'", ...}' demonstrate shell command construction.
  • Risk: If the agent populates these templates with unsanitized data from untrusted users (e.g., an email address containing shell metacharacters), it could lead to arbitrary command execution on the host system.
  • [CREDENTIALS_UNSAFE] (LOW): The skill uses environment variables for sensitive keys, which is a best practice, but includes patterns that might lead to credential exposure.
  • Evidence: The 'Sign In' section includes echo "Access Token: $access_token" and echo "Refresh Token: $refresh_token".
  • Risk: Printing secrets to standard output can lead to tokens being captured in agent logs or history files.
  • [Indirect Prompt Injection] (MEDIUM): The skill has an attack surface for indirect injection as it retrieves data from an external source (Supabase) that can be controlled by users.
  • Ingestion points: supabase_get "/auth/v1/admin/users" in SKILL.md.
  • Boundary markers: Absent in the provided templates.
  • Capability inventory: Execution of shell commands via curl and bash.
  • Sanitization: No explicit sanitization or validation of the data retrieved from the API is demonstrated before it is processed by the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 15, 2026, 10:29 PM