mf-bridge-check
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The instruction for the agent to construct a shell command by interpolating JSON data into a single-quoted string ('node scripts/bridge-check.js --context ""') creates a risk of command injection. If the data contains single quotes, it could break out of the intended argument and execute arbitrary shell commands.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing data from the project environment and presenting results to the agent. * Ingestion points: The '--context' argument in 'scripts/bridge-check.js' receives data derived from the local project configuration. * Boundary markers: The command template uses single-quote delimiters, but lacks explicit instructions for the agent to ignore embedded instructions within the project data. * Capability inventory: The skill is authorized to use 'Bash' to run 'node' scripts. * Sanitization: No sanitization or escaping of the JSON input is mentioned in the prompt instructions before shell interpolation.
Audit Metadata