mcp-jetbrains-ide
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill documentation includes an installation command `curl -fsSL https://raw.githubusercontent.com/vaayne/mcphub/main/scripts/install.sh | sh`. This is a verified remote code execution pattern that pipes unverified script content from the internet directly into the system shell.
- [EXTERNAL_DOWNLOADS] (HIGH): Executable scripts are downloaded from an untrusted GitHub repository (`vaayne/mcphub`). This organization is not recognized as a trusted source.
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection (Category 8).
  1. Ingestion points: Tools such as `getFileTextByPath`, `searchInFilesByText`, and `getSymbolInfo` read raw content from project files.
  2. Boundary markers: No delimiters or instructions to ignore embedded commands are present.
  3. Capability inventory: The skill has high-privilege capabilities including `executeRunConfiguration` (arbitrary command execution via IDE), `createNewFile`, and `replaceTextInFile`.
  4. Sanitization: No sanitization or validation of the file content is performed before the agent processes it, allowing an attacker to place malicious instructions in source code that the agent might unknowingly follow.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/vaayne/mcphub/main/scripts/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata