Skills
skills/5hanth/zdev-skill/zdev/Gen Agent Trust Hub

zdev

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill documentation explicitly states that .zdev/setup.sh runs automatically when the zdev start command is invoked. This creates a critical vulnerability where an attacker-controlled repository could include a malicious setup script that executes arbitrary commands when an agent attempts to initialize the environment.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill relies on the zdev CLI, which is downloaded and executed via bunx zdev or bun add -g. This introduces a dependency on an external, third-party package that is not part of the trusted source list.
  • [REMOTE_CODE_EXECUTION] (HIGH): By combining the ingestion of untrusted local files (project directories) with the capability to execute scripts found within those files (setup.sh), the skill enables indirect RCE. An agent processing a malicious project would execute attacker-supplied code without further validation.
  • [PRIVILEGE_ESCALATION] (MEDIUM): The skill encourages users to set traefikConfigDir to /etc/traefik/dynamic. Modifying system-wide configuration directories typically requires elevated privileges (root/sudo) and could be used to intercept or reroute network traffic if exploited.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 09:53 PM