company-market-cap

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (CRITICAL): In references/mcp-setup.md, the setup guide for macOS recommends installing Homebrew using curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh | bash. This is a high-risk pattern that allows arbitrary remote code execution without validation.
  • Unverifiable Dependencies & Remote Code Execution (HIGH): Setup instructions require users to execute npx -y octagon-mcp. This command downloads and runs code from the npm registry for a package provided by an unverified author (OctagonAI), which is not on the trusted source list.
  • External Downloads (MEDIUM): The installation instructions for the skill itself use npx skills add OctagonAI/skills, which executes code from a third-party GitHub repository.
  • Indirect Prompt Injection (LOW): The skill ingests untrusted market data from an external API.
      1. Ingestion points: Data retrieved from the Octagon API via the octagon-agent tool.
      2. Boundary markers: Absent.
      3. Capability inventory: The skill is limited to data retrieval and display in this context.
      4. Sanitization: None identified for retrieved data or symbols.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 05:14 AM