mmx-cli
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the mmx-cli package globally via the NPM registry. This is a standard and expected deployment method for the vendor's official command-line interface.
- [COMMAND_EXECUTION]: The skill primarily functions by executing the mmx command-line utility to perform various AI tasks, such as chat completions and media generation.
- [PROMPT_INJECTION]: The skill accepts external and user-provided data through several flags and file inputs, including --message, --prompt, --lyrics-file, --messages-file, and --text-file in SKILL.md. This ingestion of untrusted data constitutes an indirect prompt injection surface. The documentation does not specify boundary markers or sanitization procedures for this input. The skill possesses capabilities including subprocess execution of the mmx tool, file system writes via the --out and --download flags, and network access through the mmx search command.
- [CREDENTIALS_UNSAFE]: Authentication is handled by storing API keys in ~/.mmx/credentials.json. While this file contains sensitive data, storing credentials in a user-directory configuration file is a standard practice for CLI applications to persist session information, and the documentation correctly utilizes placeholders for example keys.
Audit Metadata