atxp
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the
atxpand@atxp/clientpackages from the public npm registry to provide CLI and programmatic functionality. - [COMMAND_EXECUTION]: Executes shell commands via
npxto perform search and media generation tasks. - [REMOTE_CODE_EXECUTION]: Leverages
npxto download and run the ATXP toolset directly from a remote package registry. This is the standard distribution model for the service. - [PROMPT_INJECTION]: Features a surface for indirect prompt injection by processing external content from web and social media searches.
- Ingestion points: Results from
npx atxp searchandnpx atxp xcontained in SKILL.md. - Boundary markers: None specified to differentiate between tool output and instructions.
- Capability inventory: Can execute CLI commands via
npxand perform network requests as described in SKILL.md. - Sanitization: No explicit filtering or sanitization of search results is performed.
Audit Metadata