recur-quickstart

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM | DATA_EXFILTRATION | COMMAND_EXECUTION
Full Analysis
  • Data Exposure & Exfiltration (MEDIUM): The diagnostic script scripts/check-env.sh accesses sensitive environment variables and configuration files.
      • Evidence: The script reads .env, .env.local, .env.development, and .env.production files using grep to check for variables.
      • Evidence: It uses printenv to retrieve values for RECUR_SECRET_KEY and RECUR_WEBHOOK_SECRET, displaying the first 12 characters of these secrets.
      • Risk: While the script includes partial masking, it exposes sensitive file contents and partial secret keys to the agent's runtime environment, which could be exploited if the agent's context is compromised.
  • Indirect Prompt Injection (LOW): The skill ingests untrusted data from local configuration files which could influence agent behavior.
      • Ingestion points: package.json and .env files are parsed via scripts/check-env.sh.
      • Boundary markers: Absent.
      • Capability inventory: Shell script execution and environment variable access.
      • Sanitization: None.
  • External Downloads (LOW): The skill recommends installing the recur-tw package from npm.
      • Source: npmjs.com (Standard registry; no suspicious behavior identified in the instruction).
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 05:58 PM