mobb-vulnerabilities-fixer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No malicious instructions were detected. The skill includes defensive prompts to reject directory traversal patterns and ensure the agent only interacts with valid repository paths.
- Indirect Prompt Injection (SAFE): The skill processes external code from local repositories, which is a surface for indirect prompt injection. However, this is the primary intended purpose of a security scanner. Risk is mitigated through mandatory user confirmation for every patch application and path validation.
  - Ingestion points: Code within the local repository path provided by the user (SKILL.md).
  - Boundary markers: Instructions to reject traversal patterns and confirm all actions with the user.
  - Capability inventory: Execution of local MCP tools and applying patches to the filesystem.
  - Sanitization: Manual review step by the user is required before any code is modified.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill instructions explicitly prohibit the agent from installing or launching the MCP server itself, requiring it to be already running on the host. This prevents the execution of untrusted installation scripts.
- Data Exposure & Exfiltration (SAFE): No patterns of data exfiltration were found. The skill handles authentication via a local browser-based flow or environment variables, with instructions not to request these values directly.
Audit Metadata