fabric-api
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides templates for using `curl` to interact with the Fabric API. These templates use quoted heredocs (e.g., `<<'JSON'`), which is a best practice for passing multi-line data to commands without the risk of shell interpolation or command injection.
- [EXTERNAL_DOWNLOADS]: The skill communicates with the official Fabric API endpoint at `api.fabric.so`. This is a legitimate service associated with the skill's primary purpose and is treated as a safe source.
- [CREDENTIALS_UNSAFE]: Authentication is handled via the `FABRIC_API_KEY` environment variable. The skill correctly instructs users to provide this sensitive token through their environment configuration rather than hardcoding it in scripts.
- [PROMPT_INJECTION]: The skill processes user-supplied data for fields such as notepad text and folder names. This represents a potential surface for indirect prompt injection, but it is handled securely at the execution layer.
- Ingestion points: Untrusted data enters the agent context via user-provided values for fields like `name`, `text`, `url`, and `description` in `SKILL.md` and the OpenAPI schema.
- Boundary markers: Templates in `SKILL.md` use quoted heredocs (`<<'JSON'`), which prevent the shell from expanding variables or executing commands embedded in the data.
- Capability inventory: The skill utilizes `curl` to perform REST API operations (GET, POST) on the Fabric platform.
- Sanitization: Content is passed directly into JSON structures within the heredoc; while no NLP-level filtering is performed, the shell-level transport is properly escaped.
Audit Metadata