logistics-tracking
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and installs the @shopmeagent/logistics-tracking-mcp package from the npm registry via npx. This is a vendor-owned resource required for the skill's operations.
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the playwright package, a well-known browser automation library, to enable tracking when no API key is provided.
- [REMOTE_CODE_EXECUTION]: Utilizes npx to execute the @shopmeagent/logistics-tracking-mcp package at runtime. This is the intended method for deploying the logistics MCP server in either stdio or HTTP mode.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion of external shipment data.
  - Ingestion points: Tools such as track_package and batch_track retrieve tracking timelines and status descriptions from the 17track.net service.
  - Boundary markers: The skill definition does not specify the use of delimiters or 'ignore' instructions to encapsulate data retrieved from the tracking service.
  - Capability inventory: The skill possesses the capability to execute shell commands (via npx) and interact with network services.
  - Sanitization: There is no mention of sanitization or validation logic applied to the external tracking data before it is presented to the agent.
Audit Metadata