supabase-edge-functions
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the Supabase CLI from the official Supabase GitHub repository, which is a trusted and well-known source.
- [COMMAND_EXECUTION]: The skill executes shell commands via the Supabase CLI and curl to manage function lifecycles, set secrets, and invoke functions. This includes the use of sudo for moving binaries during installation.
- [PROMPT_INJECTION]: There is an attack surface for indirect prompt injection in the helper scripts provided for batch processing and testing. Evidence:
  1. Ingestion points: The 'email' variable in 'batch-function-invocations.sh' and 'test_case' in 'test-function.sh' ingest untrusted data.
  2. Boundary markers: No delimiters or 'ignore' warnings are present to isolate interpolated variables.
  3. Capability inventory: The skill uses curl and the Supabase CLI to perform network operations and system management.
  4. Sanitization: No escaping or validation is performed on the data before it is interpolated into shell command strings.
Audit Metadata