remix-open-game
Warn
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands (open on macOS and xdg-open on Linux) using gameId and versionId variables extracted from a local .remix-settings.json file. This pattern is vulnerable to command injection if the configuration file contains shell metacharacters like semicolons or backticks. Ingestion point: .remix-settings.json in the project root. Boundary markers: Absent. Capability inventory: System shell command execution via browser open commands. Sanitization: Absent.
Audit Metadata