mgrep-code-search
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill relies on `bunx @mixedbread/mgrep`, which downloads and executes the latest version of a third-party package from the npm registry at runtime. The provider '@mixedbread' is not in the trusted source list.
- [DATA_EXFILTRATION] (HIGH): The skill indexes the entire local codebase and provides a synthesis feature (`-a`). Semantic search and AI synthesis typically require sending data to a remote API (mixedbread.ai) for embedding and processing. This represents a significant exposure risk for sensitive or proprietary source code.
- [COMMAND_EXECUTION] (MEDIUM): The skill frequently invokes shell commands via `bunx`, which involves subprocess execution of external binaries with various arguments, including natural language queries.
- [INDIRECT_PROMPT_INJECTION] (HIGH): The skill is designed to process untrusted data (external codebases). Malicious instructions embedded in code comments or files could influence the agent's behavior when it uses the 'AI-powered synthesis' (`-a`) or when the agent reasons about search results. The skill has 'write' and 'execute' capabilities that increase the risk tier.
Recommendations
- AI detected serious security threats
Audit Metadata