update-buttercut
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): The skill downloads a software archive from 'https://github.com/barefootford/buttercut/archive/refs/heads/main.zip'. The 'barefootford' organization is not a trusted source, and downloading ZIP files from untrusted third parties for installation is high-risk.
- [REMOTE_CODE_EXECUTION] (HIGH): Following the download and extraction, the skill executes 'bundle install' and 'bundle exec rspec'. These commands execute Ruby code (Gemspecs and test files) contained within the downloaded archive, allowing for arbitrary remote code execution on the user's machine.
- [COMMAND_EXECUTION] (MEDIUM): The skill performs several potentially dangerous operations including 'rsync' to overwrite local files with external content and 'git pull origin main', which modifies the local codebase from a remote source.
- [INDIRECT_PROMPT_INJECTION] (LOW):
- Ingestion points: ZIP archive and git repository content from 'github.com/barefootford'.
- Boundary markers: None. The agent is not instructed to ignore instructions that might be embedded in the downloaded files.
- Capability inventory: 'bundle install' (code execution), 'bundle exec rspec' (code execution), 'rsync' (file system modification).
- Sanitization: None. No validation is performed on the downloaded files before execution.
Recommendations
- AI detected serious security threats
Audit Metadata