flomo-web-crud
Warn
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The README provides installation instructions using the npx command to download and run packages directly from the public NPM registry.
- [EXTERNAL_DOWNLOADS]: The skill depends on external MCP servers and components from third-party GitHub repositories, such as hangwin/mcp-chrome, which are not part of a verified trust scope.
- [REMOTE_CODE_EXECUTION]: The skill workflow relies on the chrome_javascript tool to execute arbitrary JavaScript within the user's browser session. This includes manipulating internal Vue instances and Tiptap editor commands, which could be exploited if the agent interpolates unsanitized user content into these script calls.
- [PROMPT_INJECTION]: The installation section of the README contains a pre-constructed prompt that instructs the agent to automatically install dependencies and configure the environment, which could bypass manual user inspection of the installation steps.
Audit Metadata