Security audit

Fastapi Studio Template

Security checks across malware telemetry and agentic risk

Overview

This is a coherent FastAPI studio template with disclosed Langfuse tracing and no evidence of hidden execution or harmful behavior.

Safe to install for its intended template use. Before using generated code, configure Langfuse deliberately, verify the Langfuse endpoint, avoid tracing sensitive prompts or outputs unless intended, and consider replacing the public HTMX CDN links with local or pinned assets for production.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The skill metadata claims outbound network use is limited to optional Langfuse tracing, but the worked example includes third-party script tags loading HTMX and its SSE extension from unpkg.com. This creates undisclosed network dependencies and a supply-chain/trust risk at runtime, especially in environments expecting no external calls beyond user-configured tracing.

Missing User Warnings

Medium
Confidence: 87%
Finding
The Langfuse example shows prompts and model metadata being sent to an external tracing service, but the main skill content does not prominently warn that potentially sensitive user inputs may leave the application boundary. In a gen-AI studio context, prompts can contain proprietary, personal, or confidential data, so incomplete disclosure increases privacy and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.