nx-run-tasks
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill provides instructions for the agent to execute various shell commands including
nx run,nx run-many, andnx affected. This capability allows for arbitrary code execution on the host system if the inputs or workspace configurations are compromised. - INDIRECT_PROMPT_INJECTION (HIGH): The skill directs the agent to read local configuration files like
package.jsonandproject.jsonto determine available tasks. A malicious actor could embed shell injection payloads or malicious instructions within these files (e.g., in a script name or project tag) which the agent might then execute. - Ingestion points:
package.json,project.json, and lockfiles are read from the local workspace. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided.
- Capability inventory: The skill explicitly facilitates shell command execution via the terminal.
- Sanitization: There is no evidence of sanitization or validation of the task names or project parameters before they are passed to the shell.
Recommendations
- AI detected serious security threats
Audit Metadata