mgrep
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [Prompt Injection] (HIGH): The skill contains explicit instructions to override standard agent behavior. It uses markers like 'MANDATORY', 'MUST', and 'NEVER' to coerce the agent into ignoring its internal search tools. This is a classic 'Override/Bypass' pattern used to hijack tool-use logic.
- [Command Execution] (MEDIUM): The skill mandates the execution of 'mgrep', a custom command that performs semantic searches on local files and makes network calls to the 'mixedbread/web store'. Because the underlying source code for 'mgrep' is not provided and it is positioned as a mandatory replacement for system utilities, it poses a significant risk of unverified file access and data redirection.
Recommendations
- AI detected serious security threats
Audit Metadata