atxp
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation provides instructions for executing CLI commands using `npx atxp` to perform search and generation tasks.
- [EXTERNAL_DOWNLOADS]: Use of the `npx` utility results in the runtime download of the `atxp` package from the public npm registry.
- [PROMPT_INJECTION]: The skill introduces an indirect prompt injection surface as it is designed to ingest and process untrusted data from web searches and X/Twitter.
  - Ingestion points: External data enters the agent context through the output of `npx atxp search` and `npx atxp x`.
  - Boundary markers: No specific delimiters or instructions are used to distinguish between retrieved data and agent commands.
  - Capability inventory: The skill utilizes subprocess execution for CLI tools and network access to multiple atxp.ai subdomains.
  - Sanitization: No documentation exists regarding the filtering or sanitization of ingested content.
- [DATA_EXFILTRATION]: The skill accesses authentication tokens through the `ATXP_CONNECTION` environment variable and the `~/.atxp/config` configuration file, which are sensitive user assets.
Audit Metadata