skills/kidow/skills/find-npm-package/Gen Agent Trust Hub

find-npm-package

Fail

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [PROMPT_INJECTION]: Potential for indirect prompt injection. The skill fetches and displays package descriptions and names from the public npm registry. Because these fields are populated by external package authors, they could contain malicious instructions intended to influence the agent's logic when search results are processed.
      • Ingestion points: Search results from the npm registry API in SKILL.md.
      • Boundary markers: None; descriptions are printed directly to the output.
      • Capability inventory: Shell command execution via curl and python3.
      • Sanitization: The skill does not sanitize or escape the package descriptions before presentation.
  • [COMMAND_EXECUTION]: The skill uses curl, jq, and python3 to perform searches and process data. The python3 -c pattern is used locally to parse JSON data from a trusted source and does not execute remote code.
  • [EXTERNAL_DOWNLOADS]: Fetches metadata and statistics from the official npm registry (registry.npmjs.org) and download API (api.npmjs.org).
Recommendations
  • HIGH: Downloads and executes remote code from: https://registry.npmjs.org/-/v1/search?text= - DO NOT USE without thorough review
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 27, 2026, 03:50 PM