building-nango-functions-remotely
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits the user's
NANGO_SECRET_KEYand generated TypeScript source code to Nango's official service endpoints (e.g.,api.nango.dev). This is the intended and necessary mechanism for authenticating and managing functions on the Nango platform. - [COMMAND_EXECUTION]: The workflow involves making structured HTTP POST requests to Nango's remote function endpoints to compile and deploy code, which is standard behavior for interacting with the platform's developer APIs.
- [REMOTE_CODE_EXECUTION]: The skill utilizes Nango's remote "dryrun" endpoint to execute and validate generated integration code in a sandboxed environment. This is a functional requirement for testing actions and syncs before deployment.
- [PROMPT_INJECTION]: The skill processes user-supplied API documentation URLs and sample response data to inform its code generation, which represents an indirect prompt injection surface.
- Ingestion points: External API reference URLs and sample JSON response payloads provided by the user (SKILL.md).
- Boundary markers: Absent.
- Capability inventory: Includes network operations via the Nango SDK and platform-specific remote execution APIs.
- Sanitization: External documentation is utilized to guide code generation without explicit pre-processing or validation of the content.
Audit Metadata