find-skills

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as 'npx skills find', 'npx skills add', and 'npx skills update'. This functionality is used to search the ecosystem and modify the agent's installed tools.
  • [EXTERNAL_DOWNLOADS]: The skill enables downloading and installing external packages from repositories via 'npx skills add'. While the documentation suggests trusted sources like Vercel Labs, the CLI can install arbitrary packages from the broader registry.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes and summarizes output from the 'npx skills find' command. Maliciously crafted metadata in the registry could influence agent behavior.
      • Ingestion points: Data returned from the 'npx skills find' CLI tool.
      • Boundary markers: None identified for delimiting search result data.
      • Capability inventory: The skill can execute shell commands and install packages globally.
      • Sanitization: There is no requirement for validating or sanitizing registry data before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 03:33 PM