mirrord-config
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The skill's installation instructions in
SKILL.mdexplicitly command the agent to download a script and pipe it directly into the bash shell. Since the source organization 'metalbear-co' is not in the trusted list, this is a high-severity risk for arbitrary code execution. - Evidence:
curl -fsSL https://raw.githubusercontent.com/metalbear-co/mirrord/main/scripts/install.sh | bash - [EXTERNAL_DOWNLOADS] (MEDIUM): The skill attempts to download and install packages from untrusted external sources (Homebrew tap and GitHub).
- Evidence:
brew install metalbear-co/mirrord/mirrordand the curl-based install script. - [COMMAND_EXECUTION] (LOW): The skill invokes a local command-line interface (
mirrord) to perform validation on configuration files. - Evidence:
mirrord verify-config /path/to/config.jsoninSKILL.md. - [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it ingests untrusted JSON configurations from users and processes them through an external CLI tool without explicit sanitization beyond schema validation.
- Ingestion point: User-provided
mirrord.jsoncontent. - Boundary markers: Not explicitly defined for the input data.
- Capability inventory: Shell execution via
mirrord verify-config. - Sanitization: Mentions strict JSON parsing but relies on the external CLI for final validation.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/metalbear-co/mirrord/main/scripts/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata