gainforest-beads
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires the global installation of the '@beads/bd' npm package. This package and the author 'gainforest' are not part of the trusted external sources list, making the dependency unverifiable.
- [COMMAND_EXECUTION] (LOW): The workflow relies on executing various shell commands including 'bd' and 'git' to sync, create, and update tasks, which involves local file system and remote repository interactions.
- [PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface by ingesting JSON data from the beads graph. Evidence Chain: 1. Ingestion points: 'bd list --json' and 'bd show --json'; 2. Boundary markers: Absent; 3. Capability inventory: 'bd' and 'git' command execution, file writes to '.beads/'; 4. Sanitization: No sanitization or validation of the ingested JSON content is specified.
Audit Metadata