cookiy
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides clear instructions for the agent to execute specific shell commands, such as
npx cookiy-mcp --client ... -y, to automate the installation and configuration of the Model Context Protocol (MCP) server across different AI environments. - [EXTERNAL_DOWNLOADS]: The skill triggers the download and execution of the
cookiy-mcppackage from the npm registry and uses Homebrew to install the standalone binary. These resources are authored by the vendor (cookiy-ai) and are required for the skill's primary setup function. - [COMMAND_EXECUTION]: The included installer CLI modifies local application configuration files (such as
~/.claude.json,~/.cursor/mcp.json, and~/.cline/mcp_settings.json) to register the Cookiy MCP server. This behavior is documented in the skill'sSECURITY.mdfile and is necessary for cross-client integration. - [INDIRECT_PROMPT_INJECTION]: The
synthesize-research-reportskill processes untrusted external data in the form of raw interview transcripts and notes. - Ingestion points: External data is ingested from files or provided via
$ARGUMENTSduring the synthesis workflow inskills/synthesize-research-report/SKILL.md. - Boundary markers: Absent; the instructions do not define specific delimiters to isolate external content from instructions.
- Capability inventory: The skill performs file system writes (generating markdown reports) and uses agent orchestration to process data in parallel batches.
- Sanitization: Absent; the skill relies on internal LLM guardrails to process qualitative data without explicit filtering or escaping.
Audit Metadata