atxp
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the `atxp` package from the npm registry using `npx` during runtime. As this package is the core tool provided by the vendor (atxp-dev), this is standard behavior and is clearly documented.
- [COMMAND_EXECUTION]: Executes CLI commands via `npx` subprocesses to perform various agent tasks such as searching, generating media, and sending emails.
- [CREDENTIALS_UNSAFE]: Manages a sensitive authentication token (`ATXP_CONNECTION`) stored in `~/.atxp/config`. The documentation provides detailed warnings and best practices for protecting this secret from exposure.
- [DATA_EXFILTRATION]: Identifies features like `email send` and `phone send-sms` as potential exfiltration risks. The skill includes explicit security guardrails to prevent agents from transmitting sensitive data or responding to malicious external instructions.
- [PROMPT_INJECTION]: Recognizes that data from external sources (web searches, social media, emails, SMS) may contain prompt injection attempts. It provides mandatory guidelines for agents to treat this data as reference information and use boundary markers to separate untrusted content.
Audit Metadata