ship-hero

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Category: PROMPT_INJECTION
Full Analysis
  • Prompt Injection (HIGH): The skill exhibits a significant Indirect Prompt Injection surface. It facilitates the ingestion of external content (orders, products, notes) from the ShipHero API and grants the agent the capability to execute state-changing mutations based on that data.
  • Ingestion points: GraphQL query results in references/graphql-operations.md and SKILL.md.
  • Boundary markers: There are no instructions or delimiters defined to prevent the agent from following malicious instructions potentially embedded in order notes or product fields.
  • Capability inventory: High-privilege write operations including order_update, inventory_add, and webhook_create across all reference files.
  • Sanitization: No sanitization or validation logic is present in the provided Python or Node.js integration examples.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 12:03 AM