NYC

uv-expert

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): The skill provides instructions for piped remote execution using curl | sh and irm | iex for installation from https://astral.sh/. Because astral-sh is not in the predefined 'Trusted GitHub Organizations' list, this is classified as RCE from an untrusted source. Evidence: curl -LsSf https://astral.sh/uv/install.sh | sh and powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex".
  • [COMMAND_EXECUTION] (HIGH): Explicitly instructs the user/agent to use powershell -ExecutionPolicy ByPass, which is a security bypass technique to run unverified scripts on Windows systems.
  • [INDIRECT_PROMPT_INJECTION] (HIGH): The skill's primary utility involves executing user-defined Python scripts via uv run. It lacks sanitization or boundary markers for this external content. In an adversarial context, a script processed by the agent could contain instructions to exploit the agent's capabilities. Capability inventory: uv run, uv tool install, uv add. Ingestion points: uv run script.py and uv add <package>.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): Encourages downloading and installing various Python packages (e.g., requests, fastapi) from external registries without requiring version pinning or cryptographic hash verification in the provided examples.
Recommendations
  • CRITICAL: Downloads and executes remote code from untrusted source(s): https://astral.sh/uv/install.sh - DO NOT USE
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 05:29 AM