mpp-agent
Warn
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill executes code from a remote source using
npx agentcash onboardand performs unversioned global installations of themppxpackage from the npm registry. - [COMMAND_EXECUTION]: The agent is instructed to use the
terminaltool to run various CLI commands, including account creation and wallet logins (mppx account create,tempo wallet login,privy-agent-wallets login). - [EXTERNAL_DOWNLOADS]: The instructions require the agent to fetch external
SKILL.mdfiles from domains such astempo.xyz,agents.privy.io, andagentcash.devusing theweb_extracttool. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by consuming instruction data from external URLs. 1. Ingestion points:
https://tempo.xyz/SKILL.md,https://agents.privy.io/skill.md, andhttps://agentcash.dev/skill.mdfetched viaweb_extract. 2. Boundary markers: No explicit delimiters or instructions are used to isolate or ignore embedded directives within the fetched content. 3. Capability inventory: Access to theterminaltool for executing shell commands andcurlfor network operations. 4. Sanitization: There is no evidence of validation or sanitization of the content retrieved from external URLs before it enters the agent context.
Audit Metadata