Skills
skills/medusajs/medusa-claude-plugins/new-user/Gen Agent Trust Hub

new-user

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface through its argument handling.
  • Ingestion points: User-provided <email> and <password> arguments enter the agent context via the argument-hint and instructions.
  • Boundary markers: There are no delimiters or explicit instructions to the model to ignore embedded control characters or commands within the arguments.
  • Capability inventory: The skill utilizes the Bash tool to execute npx medusa commands.
  • Sanitization: No sanitization, escaping, or validation logic is specified for the user input before it is placed into the shell command string.
  • [COMMAND_EXECUTION]: The skill constructs a shell command dynamically using npx medusa user -e <email> -p <password>. Because the inputs are not sanitized, a malicious user could provide arguments containing shell metacharacters (e.g., ;, &&, |, `) to execute arbitrary commands on the host system.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 04:20 AM