@1463/dashboard
Fail
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides explicit instructions for the agent to execute shell commands (`bash env | grep -i "api_key\|_key"`) to locate and extract sensitive credentials from the host's environment variables.
- [DATA_EXFILTRATION]: The instructions direct the agent to read internal application files (`read_file core/http_client.py`) to discover system logic and configuration details, facilitating unauthorized introspection of the host environment.
- [EXTERNAL_DOWNLOADS]: The skill fetches dashboard templates from the official Tabler repository on GitHub (`https://github.com/tabler/tabler/archive/refs/heads/main.zip`) and recommends using third-party services like `corsproxy.io` for data fetching, which can expose transit data to intermediate parties.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (XSS surface) in Section 8, where data from external APIs (e.g., Hacker News) is rendered directly into the DOM using `innerHTML` without sanitization or boundary markers.
Recommendations
- AI detected serious security threats
Audit Metadata