beeper-mcp
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The pre-hook script defines a database schema for storing message text, creating an ingestion surface for untrusted data. (1) Ingestion points: 'beeper_messages' table in 'pre-hook.sh'. (2) Boundary markers: Not defined in the setup script. (3) Capability inventory: Database and memory management. (4) Sanitization: None implemented in the schema.
- [Command Execution] (SAFE): The script executes local
duckdbandnodebinaries to manage the skill's state and monitor performance, which are standard operations.
Audit Metadata