bgproc
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill metadata specifies a global installation of the 'bgproc' package via 'bun i -g bgproc'. This package is sourced from a public registry and authored by an untrusted third party ('ascorbic'), which presents a potential supply chain risk.
- [COMMAND_EXECUTION] (MEDIUM): The primary capability of this skill is the 'bgproc start' command, which allows the agent to run arbitrary shell commands in the background. Although this is the skill's core purpose, it enables the agent to initiate persistent processes that may bypass real-time monitoring or safety constraints.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill includes a 'bgproc logs' command that retrieves output from managed processes. If a background process handles untrusted data and writes it to its logs, those logs could contain malicious instructions designed to influence the agent.
  - Ingestion points: Process logs retrieved via 'bgproc logs'.
  - Boundary markers: Absent; logs are read directly into the agent's context.
  - Capability inventory: 'bgproc start' (command execution), 'bgproc stop', 'bgproc clean'.
  - Sanitization: No evidence of sanitization or filtering of log content before it is presented to the agent.
Audit Metadata