Skills
skills/aradotso/trending-skills/freebuff2api-openai-proxy/Gen Agent Trust Hub

freebuff2api-openai-proxy

Fail

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent or user to download source code from an unverified GitHub repository at https://github.com/Quorinex/Freebuff2API.git and a container image from ghcr.io/quorinex/freebuff2api:latest.- [REMOTE_CODE_EXECUTION]: The provided instructions involve building and running code retrieved from a remote, untrusted source using go build and docker run. This pattern executes unverified software on the local host.- [COMMAND_EXECUTION]: The skill makes extensive use of shell commands for installation and deployment, including git clone, docker run, npm install, and go build.- [CREDENTIALS_UNSAFE]: The documentation identifies specific sensitive file paths where authentication tokens are stored, such as ~/.config/manicode/credentials.json. It also includes a hardcoded example UUID token fa82b5c1-e39d-4c7a-961f-d2b3c4e5f6a7 within the instructions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 20, 2026, 12:48 AM