Skills
skills/aaaaqwq/agi-super-skills/skill-finder-cn/Gen Agent Trust Hub

skill-finder-cn

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the clawhub binary via scripts/search.sh to search the registry and provides instructions for the agent to run clawhub inspect and clawhub install based on user requests.
  • [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by ingesting and displaying metadata from the external clawhub.ai registry. Maliciously crafted skill descriptions in the registry could attempt to influence the agent's subsequent actions.
  • Ingestion points: Search results and skill details fetched from https://clawhub.ai via the clawhub CLI.
  • Boundary markers: None identified; external content is presented to the agent without specific delimiters.
  • Capability inventory: Capability to execute search, inspection, and installation commands through the shell.
  • Sanitization: No evidence of output sanitization for the data retrieved from the remote registry.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:56 AM