Generate Nano QR Code
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes npx to fetch the xno-skills package from the npm registry at runtime.
- [REMOTE_CODE_EXECUTION]: By invoking npx -y, the skill downloads and executes external code on the system.
- [COMMAND_EXECUTION]: The skill instructions require the agent to execute shell commands using the npx utility to interact with the QR generation logic.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through a command injection vulnerability surface.
- Ingestion points: The address and amount parameters used in the bash command templates in SKILL.md.
- Boundary markers: None are present; user input is interpolated directly into the command string without delimiters.
- Capability inventory: The skill utilizes subprocess execution for its primary functionality.
- Sanitization: No sanitization or escaping mechanisms are described to prevent the inclusion of shell metacharacters in user-supplied strings.
Audit Metadata