tmdb-codegen
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [Command Execution] (HIGH): The skill instructs the agent to run shell commands such as `pnpm codegen` that execute local JavaScript scripts. This provides a direct path for code execution if the configuration is manipulated.
- [Indirect Prompt Injection] (HIGH): There is a significant attack surface because the skill instructs the agent to generate executable code based on user-provided endpoint details.
  - Ingestion points: `tooling/tmdb-codegen/endpoints-config.js`.
  - Boundary markers: Absent.
  - Capability inventory: Shell command execution (`pnpm`) and file system writing (`src/_generated/`).
  - Sanitization: Unverifiable as the generation script `generate-selective-zod.js` is not included for audit.
Recommendations
- AI detected serious security threats
Audit Metadata