jeo
Fail
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill uses piped execution patterns for installation and monitoring. It executes scripts from "https://bun.sh/install" and "https://plannotator.ai/install.sh" directly via curl | bash. It also configures persistent hooks that execute Python logic by piping local server responses (http://localhost:4747/pending) into python3 -c for real-time annotation monitoring.
- [COMMAND_EXECUTION]: High-privilege command execution is core to the skill's setup. Setup scripts for various platforms (Claude, Codex, Gemini, OpenCode) modify agent configuration files (e.g., "/.claude/settings.json", "/.codex/config.toml") to insert persistent hooks. It also uses git commands to manipulate worktrees and executes dynamic Python heredocs for configuration patching and state management.
- [EXTERNAL_DOWNLOADS]: The skill downloads external dependencies during the installation phase, including shell scripts from remote domains and global NPM packages like "agent-browser" and "playwriter". It also references external plugins for the OpenCode and Claude Code marketplaces.
Recommendations
- HIGH: Downloads and executes remote code from: https://bun.sh/install, https://plannotator.ai/install.sh - DO NOT USE without thorough review
Audit Metadata