skills/nrwl/nx/run-nx-generator/Gen Agent Trust Hub

run-nx-generator

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill explicitly uses the Bash tool to execute nx generate commands. Nx generators are executable scripts that run within the host environment. This capability allows for full command execution and file system modification.
  • [PROMPT_INJECTION] (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its core functionality of ingesting and executing untrusted data from the workspace.
      • Ingestion points: Uses mcp__nx-mcp__nx_generators and mcp__nx-mcp__nx_generator_schema to read generator definitions from the local filesystem, including user-defined paths in tools/workspace-plugin/.
      • Boundary markers: Absent. There are no instructions to the agent to ignore or sanitize instructions found within generator metadata or schemas.
      • Capability inventory: The skill has access to Bash, Read, Glob, and Grep tools, providing high-privilege access to the execution environment and filesystem.
      • Sanitization: Absent. There is no validation to ensure the generator-path or options do not contain malicious payloads designed to exploit the shell or the Nx runtime.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references standard Nx and Node.js packages. While these are from trusted ecosystems, the execution of these packages remains a vector for supply chain risks, though the references themselves are considered standard practice.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 11:46 PM