cspell
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill frequently invokes
npx cspellinreferences/config-bootstrapping.md, which downloads and executes thecspellpackage from the npm registry if not already present. Thestreetsidesoftwareorganization is not listed as a Trusted External Source. - REMOTE_CODE_EXECUTION (MEDIUM): The use of
npxto execute a third-party package (cspell) constitutes remote code execution. This is used for initialization (npx cspell init) and verification (npx cspell --no-progress). - COMMAND_EXECUTION (LOW): The skill executes multiple shell commands including
cspell --versionandnpx cspell init. These commands are used to manage project spell-checking state and verify installations. - PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection as it processes untrusted source code and configuration files to identify spelling errors.
- Ingestion points: Project source files and configuration files (e.g.,
package.json,cspell.json) searched inSKILL.md(Workflow Step 1). - Boundary markers: None identified; the skill directly processes content from files.
- Capability inventory: Execution of
npx cspellcommands and filesystem write operations for configuration updates and inline directives. - Sanitization: None; words extracted from source code are used to suggest modifications or update dictionaries.
Audit Metadata