agent-bridge-workflow

Fail

Audited by Gen Agent Trust Hub on Feb 12, 2026

Risk Level: HIGH
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE
Full Analysis

================================================================================

🔴 VERDICT: HIGH

This skill instructs the AI agent to download and run external code that is never verified. It runs npm install -g on a package whose publisher cannot be vetted and uses curl -fsSL to fetch skill files from an arbitrary URL, with no version pin, checksum, or signature on either; that is a software supply chain exposure. Malicious content from either source could execute commands on the host, exfiltrate data, or compromise the system. The skill also reads and writes an sb_ token in ~/.agent-bridge/config.json, a sensitive credential that would be exposed to any code the skill executes as the same user.

Total Findings: 4

🔴 HIGH Findings:

  • Unverifiable Dependencies
    Line 40: The skill instructs npm install -g @annals/agent-bridge. The @annals organization is not a trusted source, no version is pinned, and a global npm install runs the package's lifecycle scripts (preinstall/postinstall) as the installing user, which is often root.
  • Unverifiable Dependencies
    Line 196: The skill instructs curl -fsSL <skill-raw-url> to download skill files. <skill-raw-url> is an arbitrary URL with no checksum or signature check, so the downloaded content is completely unverified and a high risk for code execution and data exfiltration.
  • Data Exfiltration
    Line 196: The curl -fsSL <skill-raw-url> command downloads content from an arbitrary URL. If the URL is malicious or the server is compromised, the downloaded content could contain commands that read and exfiltrate sensitive data. This is compounded by the skill's interaction with ~/.agent-bridge/config.json, which stores an sb_ token that the same code can read.

🟡 MEDIUM Findings:

  • Privilege Escalation
    Line 40: The instruction npm install -g @annals/agent-bridge performs a global installation. If the npm prefix is a system directory, the install must run with elevated privileges (e.g., via sudo), so any lifecycle script in the package or its dependencies executes as root.

🔵 LOW Findings: • None

ℹ️ TRUSTED SOURCE References: • None
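
To make the HIGH and MEDIUM findings actionable, here is an added example (not code from the audited skill or from Gen Agent Trust Hub) showing how the fetch and install steps look with integrity checks and without root: download to a temporary file and verify a pinned SHA-256 before anything is used, inspect a package for install-time lifecycle scripts before running npm install, install an exact version into a per-user prefix with scripts disabled, and check that the token file is not readable by other users. The URL, digest, package name and version, and paths are placeholders to be supplied by the caller.

```bash
#!/usr/bin/env bash
# Added example, not code from the audited skill or from Gen Agent Trust Hub.
# Hardened replacements for the two risky steps in the findings:
#   curl -fsSL <skill-raw-url>  -> fetch_verified (pinned sha256, verified before use)
#   npm install -g <package>    -> has_lifecycle_scripts + install_pinned_no_sudo
# plus secret_file_ok for ~/.agent-bridge/config.json.
# Assumptions: URL, digest, package name/version and destination are placeholders
# supplied by the caller; nothing below is executed from the downloaded content.
set -eu

# sha256 of a file, portable across sha256sum (coreutils) and shasum (macOS/BSD).
file_sha256() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_sha256 FILE EXPECTED -> exit 0 only if the digest matches.
verify_sha256() {
  local actual
  actual=$(file_sha256 "$1")
  [ "$actual" = "$2" ]
}

# fetch_verified URL EXPECTED_SHA256 DEST
# Downloads over TLS only into a temp file, verifies the pinned digest, and moves
# the file into place only on a match. On any failure the temp file is removed.
fetch_verified() {
  local url=$1 expected=$2 dest=$3 tmp
  tmp=$(mktemp)
  if ! curl -fsSL --proto '=https' --tlsv1.2 "$url" -o "$tmp"; then
    rm -f "$tmp"; echo "download failed: $url" >&2; return 1
  fi
  if ! verify_sha256 "$tmp" "$expected"; then
    rm -f "$tmp"; echo "checksum mismatch for $url; refusing to use it" >&2; return 1
  fi
  mv "$tmp" "$dest" && chmod 0644 "$dest"
}

# has_lifecycle_scripts PACKAGE_JSON -> exit 0 if the package declares an
# install-time hook (preinstall/install/postinstall/prepare), i.e. code that npm
# would run during install. Textual check; run it on the package.json extracted
# from `npm pack <pkg>@<version>` before installing.
has_lifecycle_scripts() {
  grep -Eq '"(preinstall|install|postinstall|prepare)"[[:space:]]*:' "$1"
}

# install_pinned_no_sudo PKG VERSION
# Exact version, per-user prefix (no sudo), lifecycle scripts disabled.
install_pinned_no_sudo() {
  local prefix="$HOME/.npm-global"
  mkdir -p "$prefix"
  npm install -g --prefix "$prefix" --ignore-scripts "$1@$2"
  echo "note: add $prefix/bin to PATH" >&2
}

# secret_file_ok PATH -> exit 0 if PATH is a regular file owned by the caller
# with no group/world permission bits (0600 or stricter).
secret_file_ok() {
  local mode
  [ -f "$1" ] && [ -O "$1" ] || return 1
  mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
  case "$mode" in
    *00) return 0 ;;
    *)   return 1 ;;
  esac
}

# Usage (placeholders):
#   fetch_verified "https://example.invalid/skill.md" "<pinned sha256>" "$HOME/.agent-bridge/skill.md"
#   install_pinned_no_sudo "@annals/agent-bridge" "<exact version>"
#   secret_file_ok "$HOME/.agent-bridge/config.json" || chmod 0600 "$HOME/.agent-bridge/config.json"
```

The digest to pin is obtained out of band (from the skill author's signed release notes or a reviewed commit), never from the same URL the file is fetched from; the npm version should likewise be reviewed once with `npm pack` and then pinned exactly.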

================================================================================

Recommendations
  • AI detected serious security threats
  • Pin npm install -g @annals/agent-bridge to an exact, reviewed version and avoid running the install as root
  • Replace curl -fsSL <skill-raw-url> with a fetch from a fixed, immutable URL whose content is verified against a known checksum before use
  • Keep ~/.agent-bridge/config.json readable only by its owner and do not expose the sb_ token to downloaded code
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 12, 2026, 11:17 AM