Skills
skills/agno-agi/agno-skills/agno/Gen Agent Trust Hub

agno

Fail

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: CRITICALCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents the framework's ability to execute shell commands and external binaries using specialized tools.
  • Evidence: references/tools.md describes ShellTools for command execution.
  • Evidence: references/mcp.md shows usage of MCPTools with the command parameter for local CLI tool execution.
  • [REMOTE_CODE_EXECUTION]: The framework allows for the execution of Python code and the dynamic loading of tools through the Model Context Protocol (MCP).
  • Evidence: references/tools.md documents PythonTools for running Python scripts.
  • Evidence: SKILL.md examples use uvx and npx to dynamically download and execute code from public registries.
  • [EXTERNAL_DOWNLOADS]: Documentation examples demonstrate fetching and running tools from external package repositories.
  • Evidence: SKILL.md contains examples such as npx -y @openbnb/mcp-server-airbnb and uvx mcp-server-git.
  • [SAFE]: An automated scanner flagged a 'Phishing' alert in references/teams.md. Manual inspection of the file confirms it contains no external URLs, only standard placeholders like user@example.com, identifying the alert as a false positive.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 26, 2026, 10:41 AM