setup
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill utilizes the 'curl | bash' pattern to install Homebrew ('/bin/bash -c "$(curl -fsSL ...)"'), which executes unverified remote scripts directly in the shell.
- [COMMAND_EXECUTION] (HIGH): The skill performs extensive local system operations, including file manipulation (mkdir, cp, rm), package management, and the creation of custom executable scripts ('~/.buttercut/whisperx').
- [PERSISTENCE_MECHANISMS] (HIGH): Automatically modifies shell configuration files ('
/.zshrc' and '/.bash_profile') to permanently alter the system PATH and inject environment initializers. - [EXTERNAL_DOWNLOADS] (LOW): Downloads software from trusted sources (GitHub and PyPI). Per [TRUST-SCOPE-RULE], the download itself is low risk, but the subsequent execution behavior remains high/critical.
- [PRIVILEGE_ESCALATION] (MEDIUM): Suggests the use of 'sudo' for manual troubleshooting steps to remove system-level directories ('/Library/Developer/CommandLineTools').
Recommendations
- AI detected serious security threats
Audit Metadata