supacortex

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Vulnerability to indirect prompt injection. The skill ingests data from untrusted sources such as bookmarks (URLs) and external conversation history.
      * Ingestion points: scx bookmarks list, scx bookmarks get, scx conversation list, scx conversation get.
      * Boundary markers: Absent. There are no instructions to the agent to ignore or delimit embedded instructions in the fetched content.
      * Capability inventory: The skill can execute shell commands (Bash), write to the remote service (scx ... add/update), and fetch data.
      * Sanitization: Absent. The skill does not describe any sanitization of the input before it is processed or presented to the agent.
  • [COMMAND_EXECUTION]: Executes the scx CLI commands to manage memory and bookmarks.
      * Evidence: Commands used include scx bookmarks, scx conversation, and scx identity.
  • [EXTERNAL_DOWNLOADS]: Fetches the CLI tool from the npm registry as part of the setup process.
      * Evidence: The skill documentation references @supacortex/cli for installation. This is a vendor-owned resource.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 26, 2026, 01:47 PM