mdp
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The documentation in INSTALL.md instructs users to run 'bun install -g github:varunpandey0502/markdown-projects'. This repository belongs to a personal account that is not part of the trusted organization list.
- REMOTE_CODE_EXECUTION (HIGH): By installing and running software from an untrusted source, the user allows the repository owner to execute arbitrary code with the user's permissions on the host system.
- PROMPT_INJECTION (LOW): As defined in PROJECT-CONFIG.md, the 'project.md' file includes an 'instructions' field specifically intended to provide guidance for LLMs. This creates a surface for indirect prompt injection. Evidence Chain:
  1. Ingestion Point: .mdp/project.md (instructions field).
  2. Boundary Markers: Not implemented.
  3. Capability Inventory: The tool possesses capabilities for creating, modifying, and deleting files and directories.
  4. Sanitization: No sanitization or validation logic is mentioned for the processed instructions.
Recommendations
- AI detected serious security threats