Skills
skills/aahl/skills/mcp-duckgo/Gen Agent Trust Hub

mcp-duckgo

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • Remote Code Execution & External Downloads (HIGH): The skill uses npx -y mcporter and uvx duckduckgo-mcp-server to download and run code from the npm and PyPI registries at runtime. This behavior does not specify versions or verify package integrity, and the packages are not from trusted organizations, which could lead to arbitrary code execution if the packages are compromised.
  • Indirect Prompt Injection (LOW): The fetch_content command reads data from arbitrary web URLs, creating an attack surface for indirect prompt injection where malicious instructions in the scraped content could influence the agent.
  • Ingestion points: Results from fetch_content in SKILL.md.
  • Boundary markers: Absent; no delimiters are used to wrap external content.
  • Capability inventory: Shell execution via npx and uvx.
  • Sanitization: Absent; there is no evidence of data sanitization before ingestion.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 04:53 PM