api-connector
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill is designed to manage and utilize sensitive API keys and tokens. It reads from a configuration file (.api-connector-config.yml) and prompts the user to provide credentials for various services.
- [COMMAND_EXECUTION]: Utilizes the Bash tool to execute curl commands. While intended for API interactions, this involves constructing shell commands with parameters derived from natural language and external data.
- [DATA_EXFILTRATION]: The skill facilitates the transmission of authentication tokens and user data to a large number of external domains. While these are well-known services, the broad network access combined with credential handling is a security consideration.
- [PROMPT_INJECTION]: Potential for indirect prompt injection. The skill ingests untrusted data from external API responses (documented in SKILL.md, Phase 3) and processes it without explicit sanitization or the use of boundary markers. This data is handled by an agent with file-write and shell-execution capabilities, creating an exploitation path if an API response contains malicious instructions.