Gen Agent Trust Hub: skills/didi/mpx/mpx-rn-dev-guide

mpx-rn-dev-guide

Warn

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: SKILL.md instructs the agent to run a local JavaScript utility, scripts/compile-validate.js, under the Node.js runtime to perform compilation checks on project components. Shell execution is therefore part of normal use of the skill, not an incidental capability.
  • [REMOTE_CODE_EXECUTION]: scripts/compile-validate.js loads modules dynamically through a requireFromProject function that calls require.resolve with computed paths and then requires the result, pulling packages such as @mpxjs/mpx-cli-service and webpack out of the project's node_modules directory. The code that executes is whatever those paths resolve to at runtime: Node's resolver searches the project's node_modules and then every parent directory's node_modules, so when the validator is run against an untrusted checkout, that checkout's dependency tree runs with the agent's privileges.
  • [PROMPT_INJECTION]: The skill ingests and transforms .mpx files, which are untrusted external data. Instructions embedded in a processed component can therefore reach the model as indirect prompt injection and attempt to steer the agent's actions or abuse the local validation environment.
  • Ingestion points: The agent is instructed to read and modify .mpx files provided by the user in the adaptation and creation tasks.
  • Boundary markers: No delimiters or safety instructions isolate the content of the processed files from the agent's own instructions.
  • Capability inventory: The agent can write to the file system (saving adapted components) and execute local shell commands (running the validation script).
  • Sanitization: There is no evidence that .mpx content is sanitized or that the file structure is validated before processing.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 30, 2026, 01:51 AM