mintlify
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs the user to install the 'mint' package globally ('npm i -g mint'). On the npm registry, 'mint' refers to an unrelated programming language, whereas the actual Mintlify CLI is 'mintlify'. This creates a risk of software misdirection or dependency confusion.
- [COMMAND_EXECUTION] (SAFE): The skill lists standard CLI commands for documentation development, such as 'mint dev' and 'mint broken-links'. These are consistent with the skill's stated purpose of maintaining documentation sites.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) due to its data-handling capabilities. 1. Ingestion points: The skill processes MDX files, OpenAPI specifications, and external web content via the '@mintlify/scraping' package. 2. Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the SKILL.md. 3. Capability inventory: Includes CLI execution for site previewing, validation, and link checking. 4. Sanitization: No sanitization or filtering of external input is mentioned.
Audit Metadata