sec-10k-analysis
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL
Tags: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): The setup instructions in `references/mcp-setup.md` promote the use of `curl | bash` for Homebrew installation, which is a high-risk pattern allowing for unverified remote code execution.
- External Downloads (HIGH): The skill requires the `octagon-mcp` npm package, which is executed via `npx -y` without verification of the source or package integrity.
- Indirect Prompt Injection (MEDIUM): The skill processes data from external websites and SEC filings, creating an attack surface for Category 8. (Evidence: Ingestion: SEC filings/web content; Boundary markers: None; Capabilities: Tool execution and deep research; Sanitization: None mentioned).
- Command Execution (HIGH): Installation commands for Windows utilize `cmd /c` to set environment variables and run commands, providing an additional vector for potential exploitation.
Recommendations
- AI detected serious security threats
Audit Metadata