uniapp-project-creator
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- COMMAND_EXECUTION (HIGH): Persistence mechanism detected. The 'templates/cli-commands.md' file contains instructions for adding aliases to shell configuration files such as '~/.bashrc' and '~/.zshrc'. If an agent automatically executes these commands, it creates a persistent execution vector that could be used to run arbitrary code in future terminal sessions.
- EXTERNAL_DOWNLOADS (MEDIUM): Unverifiable remote code execution. The skill utilizes 'npx degit' to download project templates from the 'dcloudio/uni-preset-vue' repository. As the 'dcloudio' organization is not included in the trusted source list, this constitutes a risk of executing code from an unverified remote source.
- COMMAND_EXECUTION (LOW): Indirect Prompt Injection surface. The bash script templates in 'templates/cli-commands.md' (e.g., 'create-vue2-project.sh') interpolate a user-provided project name variable '$PROJECT_NAME' directly into shell commands without quoting or sanitization.
  1. Ingestion points: User-provided project name in the request.
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of 'npx', 'npm', and 'cd' commands.
  4. Sanitization: Absent; the variable is used raw, which could lead to command injection if a malicious name is provided.
Recommendations
- AI detected serious security threats