gr-competitor

Warn

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires installing the @actionbookdev/cli package from the public NPM registry, which is an external dependency from a non-trusted source.\n- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to run npx @actionbookdev/cli, which involves downloading and executing remote scripts from the NPM registry at runtime.\n- [COMMAND_EXECUTION]: The provided instructions include shell scripts for bulk extraction and concurrent processing using loops and background processes.\n- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection because it retrieves and processes content from arbitrary external URLs (competitor websites). Malicious instructions embedded in these pages could influence the agent's behavior during report synthesis.\n
  • Ingestion points: Scraped data from external URLs (landing pages, pricing, blogs).\n
  • Boundary markers: None present in the synthesis instructions.\n
  • Capability inventory: Shell command execution (actionbook CLI) and report generation.\n
  • Sanitization: No evidence of content sanitization or validation before processing.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 16, 2026, 05:43 AM
Security Audit — agent-trust-hub — gr-competitor