supabase

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • Remote Code Execution (CRITICAL): The skill documentation instructs users to run 'curl -sSL https://canifi.com/skills/supabase/install.sh | bash'. This allows an untrusted third-party website to execute arbitrary commands on your system with your user permissions.
  • External Downloads (HIGH): The skill downloads code from canifi.com, which is not on the list of trusted sources. There is no way to verify the safety or integrity of these files before they are executed.
  • Credentials Unsafe (HIGH): The skill explicitly asks users to store SERVICE_EMAIL and SERVICE_PASSWORD in its environment. Because the environment manager is installed via a dangerous remote script, these credentials are at extreme risk of being captured by a malicious actor.
  • Indirect Prompt Injection (LOW): The skill reads data from the Supabase dashboard, which could contain malicious instructions. Evidence chain: (1) Ingestion points: Supabase project dashboard. (2) Boundary markers: Absent. (3) Capability inventory: Shell execution and browser automation. (4) Sanitization: None mentioned.
Recommendations
  • HIGH: Downloads and executes remote code from: https://canifi.com/install.sh, https://canifi.com/skills/supabase/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 17, 2026, 05:40 PM
Security Audit — agent-trust-hub — supabase