logic-lens
Fail
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation instructions recommend running
npx antigravity-awesome-skills, which downloads code from an unverified third-party package registry. - [REMOTE_CODE_EXECUTION]: By recommending the use of
npxwith an unverified package (antigravity-awesome-skills), the skill encourages the execution of remote code on the host machine during the setup process. - [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted source code provided by users, creating a surface for indirect prompt injection.
- Ingestion points: Code files targeted by the user for review or scanning (e.g.,
src/auth/login.tsas shown in examples). - Boundary markers: The skill instructions do not provide delimiters or isolation instructions to prevent the agent from being influenced by malicious instructions embedded in the code being reviewed.
- Capability inventory: The skill uses LLM-based reasoning tools (claude, codex, cursor, gemini) to interpret the provided code content.
- Sanitization: No input validation or sanitization of the user-provided code is described or implemented in the instructions.
Recommendations
- AI detected serious security threats
Audit Metadata