industry-performance-snapshot
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The file 'references/mcp-setup.md' contains instructions for the user to install Homebrew using 'curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh | bash'. This is a high-risk pattern that executes remote code without verification.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill requires downloading and running the 'octagon-mcp' package via 'npx' and adding the skill from 'OctagonAI/skills'. Neither the package nor the organization is in the trusted source whitelist, presenting a risk of unverified remote execution.
- [COMMAND_EXECUTION] (MEDIUM): Setup instructions for various agents (Cursor, Claude, Windsurf) involve shell commands that set environment variables (e.g., 'env OCTAGON_API_KEY=...') to run remote scripts, which can be leveraged for broader execution if the remote source is compromised.
- [PROMPT_INJECTION] (LOW): The skill has an indirect prompt injection surface (Category 8).
  1. Ingestion points: The 'octagon-agent' tool (referenced in SKILL.md) ingests external industry data.
  2. Boundary markers: Absent.
  3. Capability inventory: Limited to data retrieval and interpretation; no write or high-privilege operations detected.
  4. Sanitization: Absent.
Recommendations
- AI detected serious security threats
Audit Metadata