markdown-linting
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill documentation includes a command to download and execute a script from an external URL:
curl -fsSL https://fnm.vercel.app/install | bash. This piped execution pattern is a high-risk security vector for arbitrary code execution. - PROMPT_INJECTION (HIGH): Instructions in
references/best-practices.mdcommand the agent to 'Automatically fix ALL errors' and 'DO NOT ask for confirmation or approval'. This explicitly attempts to circumvent human-in-the-loop safety protocols and could be abused to perform unauthorized file modifications. - COMMAND_EXECUTION (MEDIUM): The skill contains instructions for the agent to generate shell scripts and set executable permissions via
chmod +x, providing a pathway for running unvetted local code. - EXTERNAL_DOWNLOADS (MEDIUM): The skill references several third-party npm packages (
husky,lint-staged,markdownlint-cli2) without version pinning in its examples, which poses a supply chain risk. - DATA_EXFILTRATION (LOW): The skill is designed to read all markdown files in a project. Combined with its network-capable installation instructions and autonomous execution directives, this creates a potential surface for indirect data exposure.
Recommendations
- HIGH: Downloads and executes remote code from: https://fnm.vercel.app/install - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata