magic-portfolio
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs the agent to clone a repository from an untrusted GitHub source (https://github.com/Eng0AI/magic-portfolio-template.git). This source is not part of the trusted organizations list and its contents cannot be verified statically.
- COMMAND_EXECUTION (MEDIUM): After cloning the external repository, the skill executes npm install, npm run build, and npm run dev. These commands trigger the execution of scripts (like preinstall or postinstall) and binaries defined within the untrusted repository, creating a path for remote code execution.
- CREDENTIALS_UNSAFE (LOW): The deployment section uses environment variables like $VERCEL_TOKEN. While standard for deployment, there is a risk that malicious code in the cloned repository could attempt to exfiltrate these credentials during the build or deploy process.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes external data (the cloned repository).
  - Ingestion points: git clone of the external repository.
  - Boundary markers: None present; the agent treats the cloned files as legitimate project structure.
  - Capability inventory: File system access, network access via npm, and subprocess execution via npm run.
  - Sanitization: None; the agent is instructed to move and execute the files directly.
Audit Metadata