data-client-rest-setup
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (HIGH): The skill defines a process where the agent scans the local codebase for REST implementation details to generate a BaseEndpoint class. This creates a surface for Indirect Prompt Injection, as a malicious codebase could contain instructions disguised as code to trick the agent into producing backdoored or insecure output. Ingestion points: Local codebase scan for REST patterns (SKILL.md). Boundary markers: Absent. Capability inventory: File-write to src/api/BaseEndpoint.ts. Sanitization: Absent.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill recommends installing @data-client/rest and qs. While these are legitimate libraries, they are not from sources on the whitelisted trusted organization list and require verification.
- COMMAND_EXECUTION (LOW): The skill provides standard shell commands for package installation using npm, yarn, or pnpm.
Recommendations
- AI detected serious security threats
Audit Metadata