agentation
Warn
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation and setup scripts use the "npx -y agentation-mcp server" command, which downloads and executes remote code from the npm registry at runtime without version pinning.
- [COMMAND_EXECUTION]: The scripts/setup-agentation-mcp.sh script executes shell commands to modify configuration files in the user's home directory for several AI agent platforms (e.g., ~/.claude/claude_desktop_config.json) to persist the MCP server registration.
- [EXTERNAL_DOWNLOADS]: The skill triggers external package downloads and execution from npmjs.com via npm and npx during setup and runtime.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing untrusted annotation comments and instructing the agent to modify code based on them.
  1. Ingestion points: agentation_watch_annotations tool output (comment field).
  2. Boundary markers: Absent.
  3. Capability inventory: Write, Bash, Grep, Glob.
  4. Sanitization: Absent.
Audit Metadata