Skills
skills/akillness/oh-my-gods/pm-skills/Gen Agent Trust Hub

pm-skills

Warn

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/setup.sh performs a git clone from https://github.com/phuryn/pm-skills to fetch plugin components from an external, non-author-owned repository.
  • [COMMAND_EXECUTION]: The installation process involves executing shell commands in scripts/setup.sh to create directories and copy files into the agent's local environment (~/.claude/skills/).
  • [COMMAND_EXECUTION]: The SKILL.md instructions recommend using npx skills add pm-skills, which downloads and runs code from the npm registry.
  • [COMMAND_EXECUTION]: The setup script programmatically interacts with the agent's platform using claude plugin marketplace add and claude plugin install commands to modify agent capabilities.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 19, 2026, 01:55 PM