api-security-schemathesis
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill executes 'schemathesis run ' where the URL is a user-provided parameter. This presents a high risk of command injection if the agent does not strictly sanitize inputs before shell execution.
- [PROMPT_INJECTION] (HIGH): Identified high risk of Indirect Prompt Injection (Category 8).
- Ingestion points: Untrusted external API schemas fetched from user-provided URLs (SKILL.md).
- Boundary markers: Absent. The agent is instructed to parse and summarize results directly into a markdown table.
- Capability inventory: Shell command execution (schemathesis run).
- Sanitization: None provided. A malicious schema could contain instructions in endpoint descriptions or example values designed to hijack the agent's logic during result parsing.
- [EXTERNAL_DOWNLOADS] (LOW): Recommends 'pip install schemathesis'. This is a trusted-source download (PyPI), but runtime installation remains a risk factor.
- [CREDENTIALS_UNSAFE] (MEDIUM): Instructions explicitly demonstrate passing credentials and Bearer tokens via command-line flags (--auth, --header), which can expose sensitive secrets in process lists, logs, or shell history.
Recommendations
- AI detected serious security threats
Audit Metadata