mf-type-check

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instruction to run node scripts/type-check.js --context '<MFContext-JSON>' performs direct string interpolation of external JSON data into a shell command. This creates a command injection surface if the JSON context contains shell metacharacters like single quotes.
  • [COMMAND_EXECUTION]: The skill uses a temporary TS config path read from a local file (.mf/diagnostics/latest.json) as an argument for npx tsc --project <tmp-tsconfig>. A malicious project could craft this file to perform argument injection or execute arbitrary commands.
  • [EXTERNAL_DOWNLOADS]: The troubleshooting workflow involves fetching remote type definitions (@mf-types.zip) and remoteEntry URLs. Fetching and potentially processing assets from URLs found in untrusted project configurations carries a risk of interacting with malicious external content.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from local project files (tsconfig.json, latest.json) and skill context without sanitization or boundary markers, while possessing the capability to modify files and execute shell commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 04:50 PM