frontend-landings
Fail
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The installation instructions in
README.mdand theinstall.shscript facilitate remote code execution by piping a script from GitHub directly to the bash shell (curl | bash). This practice is highly risky as it allows the remote source to execute arbitrary commands on the user's computer. - [EXTERNAL_DOWNLOADS]: During installation, the skill fetches its main instruction files (
SKILL.mdandSTYLE_PRESETS.md) from a remote GitHub repository. The generated HTML pages also depend on external resources from well-known CDNs, including Tailwind CSS, Anime.js, and Google Fonts. - [PROMPT_INJECTION]: The skill includes an 'Improve / Convert' mode (defined in
SKILL.md) that ingests untrusted HTML provided by the user, creating a surface for indirect prompt injection. - Ingestion points: User-provided HTML is ingested for processing in
SKILL.md(Mode 2). - Boundary markers: No specific boundary markers or 'ignore' instructions are used to separate untrusted content from the agent's logic.
- Capability inventory: The skill enables the agent to generate and write code files to the local environment.
- Sanitization: There is no evidence of sanitization or safety validation performed on the ingested HTML content.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/auwalmusa/frontend-landings-claude-skill/main/install.sh, https://raw.githubusercontent.com/${GH_USER}/${REPO_NAME}/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata