NYC

supplier-management

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (HIGH): High susceptibility to Indirect Prompt Injection (Category 8).
  • Ingestion points: The skill's primary function is processing external supplier pricelists (Excel/CSV) and product catalogs (noted in SKILL.md).
  • Boundary markers: Absent. No instructions or delimiters are defined to help the agent distinguish its own instructions from untrusted data in the files it processes.
  • Capability inventory: The skill grants the agent broad permissions: Bash, Edit, Write, Read, Grep, and Glob (noted in the YAML frontmatter).
  • Sanitization: Absent. The agent is given no guidance on sanitizing or escaping content extracted from these external files before using it in tool calls.
  • [COMMAND_EXECUTION] (MEDIUM): The skill explicitly permits the use of the Bash tool. While the documentation provides benign examples using curl against localhost, the combination of shell access and untrusted data ingestion (Category 8) increases the risk of arbitrary command execution if an injection occurs.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 07:56 AM