add-to-existing-project
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (MEDIUM): The skill runs 'npx tambo init', which downloads and executes scripts from the npm registry. This is a high-risk operation as the package author is not on the trusted list; severity is reduced from HIGH because it is the primary function of the skill.
- EXTERNAL_DOWNLOADS (LOW): The skill installs the '@tambo-ai/react' and 'zod' packages. As the source is not a pre-approved trusted organization, user verification is recommended.
- COMMAND_EXECUTION (LOW): The skill uses shell commands like 'npm install' to modify the local development environment.
- Indirect Prompt Injection (LOW): The skill reads project files to detect technology frameworks. 1. Ingestion points: package.json, tsconfig.json, and various framework configuration files. 2. Boundary markers: Absent. 3. Capability inventory: npm/npx execution and file writing. 4. Sanitization: None.
Audit Metadata