deepwiki
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill uses `bunx mcporter`, which downloads and executes the `mcporter` package from the npm registry at runtime. This package is not from a trusted GitHub organization or repository.
- [REMOTE_CODE_EXECUTION] (MEDIUM): Executing unverified packages via `bunx` constitutes a risk where the package could perform arbitrary actions on the host system.
- [COMMAND_EXECUTION] (LOW): Uses shell commands (via `bunx`) to interact with the documentation service.
- [DATA_EXFILTRATION] (LOW): Sends repository names and user questions to an external endpoint (`mcp.deepwiki.com`) that is not on the whitelist of trusted domains.
- [INDIRECT_PROMPT_INJECTION] (LOW):
  1. Ingestion points: Processes documentation content and answers from the DeepWiki API.
  2. Boundary markers: None identified in the provided instructions.
  3. Capability inventory: Skill has the ability to execute shell commands.
  4. Sanitization: No evidence of sanitization or filtering of API responses before processing.
Audit Metadata