bring-add
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill specifies a wildcard version for its primary dependency (bring-shopping: "*"). This is a security risk as it allows the installation of any version, including potentially compromised or malicious future updates, and prevents deterministic builds.
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface. The skill is designed to ingest and process untrusted data from external sources (stdin and files) and then send that data to an external API service.
  - Ingestion points: Reads from standard input (- argument) and command-line arguments.
  - Boundary markers: No delimiters or instructions are used to prevent the agent or the target API from misinterpreting embedded instructions within the shopping items.
  - Capability inventory: Network communication with the Bring! API via the bring-shopping library.
  - Sanitization: There is no evidence of input sanitization or validation of the item names/specifications before they are processed.
- CREDENTIALS_UNSAFE (LOW): The skill requires the user to provide sensitive credentials (BRING_EMAIL and BRING_PASSWORD) via environment variables. While common for CLI tools, this increases the risk of credential leakage in shared environments or via process inspection.
Audit Metadata