turborepo-caching

Warn

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: MEDIUM (DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION]: The self-hosted remote cache server template (Template 4) is vulnerable to path traversal. The variables 'team' (from query string) and 'hash' (from URL parameters) are used directly in 'path.join' to construct a file path for reading. An attacker could use directory traversal sequences like '../../' to access sensitive files outside the intended cache directory.
  • [COMMAND_EXECUTION]: The same path traversal vulnerability exists in the 'PUT' endpoint of the cache server template. This could allow an attacker to write arbitrary files to the local file system, potentially leading to remote code execution if used to overwrite configuration files or executable scripts.
  • [PROMPT_INJECTION]: The skill has an Indirect Prompt Injection surface (Category 8).
      • Ingestion points: The skill is designed to interact with and process 'turbo.json' and 'package.json' files from the repository.
      • Boundary markers: Absent; there are no instructions to ignore or delimit instructions found within these configuration files.
      • Capability inventory: The skill generates shell commands ('turbo build') and CI/CD workflow definitions.
      • Sanitization: Absent; the skill does not suggest validating or sanitizing the contents of monorepo configuration files before applying them.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 27, 2026, 09:07 AM