checking-files-with-lsp

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill uses mise install <tool> to dynamically download and install software at runtime. Because the specific tools are selected based on search results for a file type, the skill executes unverified third-party binaries that have not been pre-audited.
  • COMMAND_EXECUTION (MEDIUM): The skill executes several shell commands, including mise search, mise list, and mise exec. It also runs the chosen LSP/linter against local files. A maliciously named tool or file could therefore lead to command injection, and a malicious tool could perform unauthorized actions on the host system.
  • DATA_EXFILTRATION (LOW): Language servers and linters require read access to the source code they analyze. If a malicious or compromised tool is installed, it could exfiltrate sensitive information found within the codebase to an external server.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted input in two ways: file content used to determine file types, and the output of the tools it runs. While the logic is primarily focused on tool selection, the results of the validation (errors/warnings) are fed back to the agent, and that output could be manipulated to influence subsequent agent actions.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:12 PM