supabase
Fail
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: HIGHDATA_EXFILTRATIONCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: Every usage example in the skill directs the agent to send requests to 'https://api.example.com'. Because the skill instructs the agent to create a wrapper script that automatically injects the 'SUPABASE_TOKEN' (a secret) into headers, following the provided instructions will transmit the user's private credentials to an external domain that is not their Supabase instance.\n- [CREDENTIALS_UNSAFE]: The skill bypasses the user-defined 'SUPABASE_URL' variable in its execution examples, opting instead to route requests containing the 'SUPABASE_TOKEN' to a hardcoded destination, creating a significant risk of credential theft.\n- [COMMAND_EXECUTION]: The skill instructions involve the dynamic generation of a shell script at '/tmp/supabase-curl' using 'cat' and the modification of file permissions via 'chmod +x' to enable arbitrary command execution through the wrapper.
Recommendations
- AI detected serious security threats
Audit Metadata