skills/anthemflynn/ccmp/zig/Gen Agent Trust Hub

zig

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [Remote Code Execution] (CRITICAL): File references/zvm.md recommends installing ZVM via curl ... | bash from raw.githubusercontent.com/tristanisham/zvm, which executes unverified remote scripts.
  • [Persistence Mechanisms] (HIGH): File references/zvm.md instructs the agent to modify ~/.bashrc and ~/.zshrc to add ZVM to the system PATH.
  • [External Downloads] (HIGH): The skill downloads binaries from non-whitelisted repositories tristanisham/zvm and zigtools/zls via curl.
  • [Indirect Prompt Injection] (HIGH): The skill's ingestion of untrusted project files (build.zig, .zig) combined with its ability to execute build and test commands via MCP tools creates a significant vulnerability surface. Mandatory Evidence: (1) Ingestion points: build.zig, src/*.zig; (2) Boundary markers: Absent; (3) Capability inventory: zig_build, zig_test MCP tools; (4) Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 09:32 AM