ohmg
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill documentation instructs the use of 'bunx oh-my-ag' for installation and setup. This downloads and executes code from the npm registry belonging to an untrusted author ('first-fluke').
- COMMAND_EXECUTION (MEDIUM): The skill utilizes the 'Bash' tool for system-level operations including 'doctor' (repair) and 'agent:spawn'. This allows for arbitrary command execution on the host system.
- REMOTE_CODE_EXECUTION (MEDIUM): The 'bunx' commands and 'update' commands serve as remote execution patterns, fetching and running scripts from external repositories without explicit integrity checks.
- INDIRECT_PROMPT_INJECTION (LOW):
- Ingestion points: Ingests project files and shared state data via 'Read', 'Grep', and 'Glob' tools.
- Boundary markers: None provided in the skill definition to separate untrusted data from instructions.
- Capability inventory: Includes 'Bash' execution and 'Write' access, allowing data-driven commands.
- Sanitization: No evidence of input sanitization or validation before processing external project data.
Audit Metadata