Skills
skills/terminalskills/skills/sap/Gen Agent Trust Hub

sap

Fail

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill includes hardcoded credentials in the SAP Business One authentication example.\n
  • Evidence: Found UserName: "manager", Password: "password" in SKILL.md.\n- [EXTERNAL_DOWNLOADS]: Installs the SAP Cloud SDK developer toolkit from the public npm registry.\n
  • Command: npm install -g @sap/cds-dk in SKILL.md.\n- [COMMAND_EXECUTION]: Performs shell operations to initialize and run SAP CAP applications.\n
  • Operations: cds init, npm install, and cds watch in SKILL.md.\n- [PROMPT_INJECTION]: Contains a surface for indirect prompt injection via the processing of untrusted Shopify webhook data.\n
  • Ingestion points: Express.js endpoint app.post("/webhook/shopify/order", ...) in SKILL.md.\n
  • Boundary markers: No delimiters or ignore instructions found for processed data.\n
  • Capability inventory: Network capabilities (fetch) and SAP API interaction across SKILL.md.\n
  • Sanitization: No sanitization or validation of the webhook payload is demonstrated in the integration example.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 11, 2026, 09:52 PM