find-skills

Warn

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the npx skills command to perform searches and manage package installations.
  • [REMOTE_CODE_EXECUTION]: The skill recommends the command npx skills add <package> -g -y to install new capabilities. This instruction facilitates the global installation of code from remote GitHub repositories. The use of the -y flag is a significant risk as it bypasses user confirmation prompts, potentially leading to the unattended execution of malicious code from third-party sources.
  • [EXTERNAL_DOWNLOADS]: The skill connects to the external registry at https://skills.sh/ to search for skills and downloads content from various GitHub repositories during the installation process.
  • [PROMPT_INJECTION]: The skill's workflow creates an attack surface for indirect prompt injection via the external registry.
      • Ingestion points: Results and metadata from npx skills find are retrieved from https://skills.sh/ and presented to the agent in SKILL.md.
      • Boundary markers: No delimiters or "ignore instructions" warnings are used to isolate content fetched from the external registry.
      • Capability inventory: The skill has the capability to execute shell commands and install software packages via npx.
      • Sanitization: There is no evidence of sanitization or validation of the data retrieved from the registry before it is processed by the agent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 10:14 PM