refresh-tarkovdev-schema
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill facilitates the ingestion of untrusted data from an external API which is then used in code generation. * Evidence Chain: 1. Ingestion Point: 'https://api.tarkov.dev/graphql' (specified in Step 1 of SKILL.md). 2. Boundary Markers: Absent; the schema is processed directly by 'graphql-inspector' and 'genqlient'. 3. Capability Inventory: 'task' (command execution), 'genqlient' (file write/code generation), 'go build' (compilation), and 'go test' (test execution). 4. Sanitization: Absent; the skill assumes the remote schema is benign. Maliciously crafted schema definitions could potentially exploit the code generator or inject malicious logic into the 'generated-queries.go' file.
- [External Downloads] (MEDIUM): The skill downloads data from 'api.tarkov.dev', which is not on the Trusted External Sources list. This data is used as a template for local source code generation, increasing the risk of a supply chain attack.
- [Command Execution] (HIGH): The skill executes 'task' commands that perform code generation and subsequent compilation and testing. Because the source for the code generation is a remote, untrusted API, this represents a significant risk of arbitrary code execution if the API response is compromised.
Recommendations
- AI detected serious security threats
Audit Metadata