wordspace
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): The skill fetches '.prose' workflows from a remote GitHub repository. These are described as 'reusable programs', which are executed or interpreted by the agent.
- [REMOTE_CODE_EXECUTION] (HIGH): Recommends installation and initialization via 'npx wordspace init', which executes code directly from the npm registry.
- [COMMAND_EXECUTION] (HIGH): Automatically modifies environment security settings ('.claude/settings.local.json') to enable high-risk tools including 'curl' and 'python3'.
- [PROMPT_INJECTION] (HIGH): The skill lacks sanitization for the remote content it ingests. Maliciously crafted workflows from the remote repository could leverage the enabled 'python3' and 'curl' capabilities to perform unauthorized actions on the host system.
Recommendations
- AI detected serious security threats
Audit Metadata