brand-expansion
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- External Downloads (MEDIUM): The skill instructions require the execution of @basiclines/rampa via npx. This package is hosted on the public npm registry but does not originate from a trusted organization or repository defined in the security policy.
- Command Execution (HIGH): The skill constructs shell commands by interpolating user-provided input into the <brand-color> placeholder. Because no sanitization or validation logic is specified, a malicious user can provide input containing shell metacharacters (e.g., semicolons or backticks) to execute arbitrary commands. Evidence Chain:
  1. Ingestion points: <brand-color> placeholder in SKILL.md bash blocks.
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of the rampa utility via shell.
  4. Sanitization: None specified in the skill recipe.
Recommendations
- AI detected serious security threats
Audit Metadata