frontend-aceternity
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill utilizes
npx aceternity-ui@latest add [component]to install UI components. This pattern involves downloading and executing code from a remote package repository at runtime. While Aceternity UI is a recognized library, it is not included in the 'Trusted External Sources' (e.g., specific GitHub Orgs like Anthropics or Vercel), making the package installation unverifiable per standard security protocols. - COMMAND_EXECUTION (LOW): The skill explicitly requests
Bash (*)permissions in its metadata. This broad permission level allows for arbitrary shell command execution, which is required for its intended installation and customization steps but increases the potential impact if the agent is compromised. - INDIRECT PROMPT INJECTION (LOW): The skill identifies a surface for indirect prompt injection where untrusted data could influence agent actions.
- Ingestion points: The
[component]argument in thenpxcommand. - Boundary markers: Absent; there are no delimiters or instructions to sanitize the component name before execution.
- Capability inventory: The skill possesses the
Bash (*)capability, allowing for full command execution. - Sanitization: Absent; the process
IDENTIFY → INSTALL → CUSTOMIZEdoes not specify validation steps for the component identifier, potentially allowing an attacker to suggest a malicious package name or inject shell characters.
Audit Metadata