afrexai-api-architect
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): High risk of Indirect Prompt Injection. The skill's primary functions, such as 'Reviewing' and 'Auditing' APIs, involve processing external content like OpenAPI specifications. Attackers can embed hidden instructions within these files to manipulate the agent's behavior. Evidence:
  1. Ingestion points: API specs and code snippets (README.md).
  2. Boundary markers: None documented to prevent the agent from obeying instructions embedded in data.
  3. Capability inventory: Generates code, OpenAPI specs, and 'curl recipes' (README.md).
  4. Sanitization: No sanitization of external input is mentioned.
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill is distributed through an unverified source (clawhub) and promotes 'Context Packs' from an external site (afrexai-cto.github.io), bypassing security oversight for those components.
- [COMMAND_EXECUTION] (MEDIUM): The skill generates 'curl recipes' and test code based on external, untrusted input. If these artifacts are executed by the user or agent, they could perform unauthorized network requests or system operations defined by a malicious API specification.
Recommendations
- AI detected serious security threats
Audit Metadata