Skills
skills/wisdomgraph/mega-code/mega-code-login/Gen Agent Trust Hub

mega-code-login

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands and Python modules via uv run to perform OAuth steps and local setup.\n- [DATA_EXFILTRATION]: Connects to https://console.megacode.ai to conduct session creation and polling for authentication completion. This is the intended behavior for the specified service.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by parsing JSON command output and using the values in subsequent bash commands. In accordance with the analyzer rules, the severity is reduced to SAFE as this interaction is required for the skill's primary purpose.\n
  • Ingestion points: JSON output containing client_id and base_url from the initial setup step.\n
  • Boundary markers: None.\n
  • Capability inventory: Shell command execution via uv run and bash.\n
  • Sanitization: None performed on the parsed values before interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 04:11 AM