tandoor-recipes
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Prompt Injection (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8). 1. Ingestion points: Recipe data and instructions fetched from the Tandoor API via search and get commands. 2. Boundary markers: Absent in instructions. 3. Capability inventory: Creation and modification of recipes and shopping lists via script execution. 4. Sanitization: Not described in the skill definition.
- Command Execution (SAFE): Standard execution of a local Node.js script to interact with the Tandoor API as per the skill's primary purpose.
Audit Metadata