lesson
Fail
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The SKILL.md file contains a command that downloads and executes a script from a remote URL (https://raw.githubusercontent.com/Ai-feier/skills/main/docs/INSTALL.sh) by piping it directly to bash. This grants the remote script execution privileges on the host system.
- [COMMAND_EXECUTION]: The INSTALL.md file includes several shell commands for manual setup, such as creating directories and writing to the MEMORY.md file.
- [PROMPT_INJECTION]: The skill monitors conversation history to extract lessons and write them to MEMORY.md, which creates an indirect prompt injection surface. Ingestion points: Conversation logs. Boundary markers: None. Capability inventory: Writing to MEMORY.md. Sanitization: No validation or filtering of extracted content is documented.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/Ai-feier/skills/main/docs/INSTALL.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata