tinted-neutrals
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill utilizes `npx @basiclines/rampa` to execute logic. This pattern downloads and runs code from a remote registry at runtime. Since the author and package are not part of the established trusted source list, this introduces a risk of executing unvetted third-party code.
- COMMAND_EXECUTION (MEDIUM): Multiple shell command templates are provided (e.g., `rampa -C "<brand-color>" ...`). These rely on interpolating user-provided values into a command line. Without strict sanitization by the executing agent, an attacker could provide a malicious string (e.g., `"#fff; rm -rf /"`) to achieve arbitrary command execution.
- INDIRECT PROMPT INJECTION (LOW): The skill defines a clear data ingestion surface where external inputs (brand colors) are used to influence tool parameters. While standard for this use case, it represents an attack surface for command-line argument injection.
Audit Metadata