content-collections
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of several packages from the @content-collections scope (e.g., @content-collections/core). These packages are not from a verified trusted organization as defined in the security policy.
- COMMAND_EXECUTION (MEDIUM): The skill includes a shell script at 'scripts/init-content-collections.sh' for automated setup. Executing unverified scripts can lead to arbitrary command execution on the host system.
- PROMPT_INJECTION (LOW): The skill processes Markdown and MDX content, creating a surface for indirect prompt injection. Evidence: * Ingestion points: Markdown and MDX files. * Boundary markers: None specified. * Capability inventory: Shell script setup and Vite plugin integration. * Sanitization: No sanitization logic documented for processed content.
Audit Metadata