Skills
skills/aeonbridge/ab-anthropic-claude-skills/evolution-api/Gen Agent Trust Hub

evolution-api

Fail

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The skill uses 'curl | bash' to execute a script from 'https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh'. Piped remote execution is a high-risk activity as it provides no opportunity for code verification before execution.
  • [EXTERNAL_DOWNLOADS] (HIGH): The code is fetched from the 'nvm-sh' GitHub organization, which is not included in the pre-approved trusted sources list.
  • [COMMAND_EXECUTION] (HIGH): Directly invoking shell interpreters on content fetched from the network is a dangerous practice that can lead to system compromise if the remote source is altered or intercepted.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 21, 2026, 01:44 AM