Skills
skills/magic-meal-kits/mmk-skills/mmk-notion-onboard/Gen Agent Trust Hub

mmk-notion-onboard

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @magic-meal-kits/cli@beta package from the npm registry. This is a vendor-owned resource associated with the skill author.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute mmk and gws commands. This is used to interact with Notion and Google Workspace APIs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (specifically argument injection) because user-provided inputs such as <email>, <role>, and <block-id> are interpolated directly into shell commands without explicit sanitization or boundary markers.
  • Ingestion points: User-provided parameters email, role, and block-id from the task description or chat interface.
  • Boundary markers: None present in the bash command templates to delimit user input.
  • Capability inventory: Execution of sub-commands under the mmk and gws binaries via the Bash tool.
  • Sanitization: No sanitization or validation logic is visible in the provided skill instructions before passing data to the shell.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 04:58 PM