elixir-dependency-updater
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION] (HIGH): Vulnerable to Indirect Prompt Injection (Category 8). The agent reviews untrusted external content (dependency diffs, changelogs) and is instructed to 'Apply required code changes' based on that content. An attacker could craft a malicious package update with instructions in the diff/changelog to trick the agent into inserting backdoors or malicious configuration. Evidence: Step 1A and 1D describe reading external diffs and applying changes. Ingestion points:
mix hex.package diff. Boundary markers: Absent. Capability inventory:mix.exsediting, source code modification,mix testexecution. Sanitization: Absent. - [COMMAND_EXECUTION] (MEDIUM): Executes multiple shell commands through the Elixir 'mix' build tool. Evidence: Runs
mix compile --warnings-as-errors,mix format, andmix testin Step 1E. - [EXTERNAL_DOWNLOADS] (LOW): Downloads external code from the Hex package registry. Evidence: Uses
mix deps.getin Step 1C to fetch remote dependencies.
Recommendations
- AI detected serious security threats
Audit Metadata