hono
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill instructs the user/agent to install or run @hono/cli via npm or npx. While Hono is a well-known project, this involves downloading and executing external packages.
- COMMAND_EXECUTION (MEDIUM): The hono request [file] command executes code within a local file to simulate API requests. If an agent is tasked with testing a file downloaded from an untrusted source, this leads to arbitrary code execution within the agent's environment.
- PROMPT_INJECTION (MEDIUM): This skill is vulnerable to Indirect Prompt Injection (Category 8). Malicious instructions or code can be embedded in Hono source files. When the agent processes these files using hono request or hono optimize, the instructions could influence the agent's behavior or trigger unintended actions through the CLI.
- Ingestion points: hono request [file], hono optimize [entry]
- Boundary markers: None present; the agent treats file contents as code to be processed.
- Capability inventory: Capability to execute JavaScript/TypeScript logic via Hono's internal request simulator and bundler.
- Sanitization: None; the CLI expects valid executable source code.
Audit Metadata