coco-cli
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill documentation instructs the user/agent to run ./scripts/install.sh or ./scripts/install.ps1 to set up the environment. Because these script files are not included in the provided context, their actions cannot be audited, posing a risk of arbitrary code execution, privilege escalation, or malicious system configuration during installation.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill relies on an external 'coco' CLI binary. The installation scripts mentioned in the README likely download this binary from a remote server. Without a verified source URL or checksum, this represents a risk of downloading and executing untrusted or malicious software.
- [INDIRECT_PROMPT_INJECTION] (MEDIUM): This skill defines a significant attack surface by processing external ODB++ design files.
  - Ingestion points: Files within the directory structure provided to the --input flag (e.g., matrix/, steps/, misc/).
  - Boundary markers: None. The tool processes folder contents directly.
  - Capability inventory: The skill executes a CLI tool with numerous subcommands (list-layers, measure, render) that handle local file system paths.
  - Sanitization: None described. Maliciously crafted PCB design files could potentially exploit vulnerabilities in the proprietary coco parser.
Recommendations
- AI detected serious security threats
Audit Metadata