mise-guide
Fail
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill includes instructions to run 'curl https://mise.run | sh' for installation, which executes a remote script directly in the shell without integrity verification.
- [COMMAND_EXECUTION]: The skill facilitates running tasks defined in 'mise.toml' or within the 'mise-tasks/' folder, allowing for the execution of arbitrary shell commands.
- [PROMPT_INJECTION]: The skill processes project-level configuration files which could be used to deliver malicious instructions to the agent.
  - Ingestion points: The agent reads 'mise.toml', '.env', and task script files from the current working directory.
  - Boundary markers: No specific boundary markers or instructions are provided to ignore embedded instructions within these data sources.
  - Capability inventory: The skill allows for command execution, tool installation, and environment variable manipulation.
  - Sanitization: The skill does not perform validation or sanitization of the content found in configuration or task files.
- [EXTERNAL_DOWNLOADS]: The skill documentation provides workflows for installing software from various external registries and GitHub repositories, which can lead to the installation of unverified tools.
Recommendations
- HIGH: Downloads and executes remote code from: https://mise.run - DO NOT USE without thorough review
- AI detected serious security threats