codebase-skill
Warn
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill relies on 'npx -y mcporter' to download and run the 'mcporter' package from the npm registry at runtime. This dependency is from an unverified source outside of the trusted vendor list.
- [REMOTE_CODE_EXECUTION]: The execution of 'mcporter' via 'npx' constitutes a remote code execution vector as the package is fetched and executed on the host system without prior verification.
- [COMMAND_EXECUTION]: Shell command execution is used for image uploads via 'curl'. The skill interpolates URLs returned by tool outputs directly into command-line arguments.
- [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection when processing user-generated blog content.
  - Ingestion points: User-provided strings for the 'title' and 'content_markdown' parameters are passed to the 'create_post' tool in SKILL.md.
  - Boundary markers: There are no delimiters or explicit instructions to distinguish user data from the agent's internal system prompts.
  - Capability inventory: The skill possesses the capability to write to an external blog service and perform network requests using 'curl' and 'mcporter'.
  - Sanitization: No validation or sanitization is applied to user-provided content before it is processed by the agent.