40Medium
The skill lacks declared tool constraints while accessing sensitive environment variables and performing unauthorized network operations, posing a significant risk of data exfiltration and arbitrary command execution.
Skill Info
Nameauth0/agent-skills/auth0-fastify-api
Registrygithub
Version838a181a235d
PURLpkg:github/auth0/agent-skills@838a181a235d?skill=auth0-fastify-api
Stars31
Installs425
Source
Install
This skill has findings worth reviewing before installing.
GitHub
423 installs
Skills.shDocs
npx skills add https://github.com/auth0/agent-skillsAssessments (2)
AI Agent Traps ↗Access to sensitive environment variables detectedmediumcredential theftAML.T0055AML.T0037LLM02:2025
Access to sensitive environment variables detected
100% confidenceline 133
$ACCESS_TOKEN
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/auth0/agent-skills/auth0-fastify-api)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/auth0/agent-skills/auth0-fastify-api"><img src="https://mondoo.com/ai-agent-security/api/badge/github/auth0/agent-skills/auth0-fastify-api.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/auth0/agent-skills/auth0-fastify-api.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow