ask-flutter-mechanic
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill directs the agent to execute local shell scripts (
./ship-android.shand./ship-ios.sh) within the user's project directory. If these scripts are provided by an untrusted source or malicious project, the agent will execute them with the user's full privileges. - [EXTERNAL_DOWNLOADS] (LOW): The skill utilizes
fvm flutter pub get,bundle install, andpod install. These commands download third-party code from public registries (Pub, RubyGems, CocoaPods), which is standard for Flutter development but carries inherent supply-chain risks. - [REMOTE_CODE_EXECUTION] (LOW): The use of
build_runnerandpod installinvolves executing external or generated code as part of the build process. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill reads and acts upon external data sources which could be manipulated to influence agent behavior.
- Ingestion points: Reads
.fvmrc,gradle-wrapper.properties, and terminal logs for dependency conflict resolution. - Boundary markers: None. The agent processes the raw content of these files/outputs directly.
- Capability inventory: Includes file system modification (
rm -rf), package installation, and execution of local shell scripts. - Sanitization: No evidence of sanitization or validation of the ingested file contents or terminal output before processing.
Audit Metadata