Skills
skills/beshkenadze/claude-code-tauri-skills/using-crabnebula-cloud-with-tauri/Gen Agent Trust Hub

using-crabnebula-cloud-with-tauri

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • Remote Code Execution (CRITICAL): The skill uses a piped shell pattern (curl | sh) to execute remote content from https://cdn.crabnebula.app/install/cn. This is a highly dangerous practice that allows for full system compromise as the content of the script is not validated before execution.
  • External Downloads (HIGH): The domain crabnebula.app is not a recognized trusted source. Accessing and executing scripts from untrusted third-party CDNs poses a significant supply-chain risk.
  • Command Execution (HIGH): The use of the shell (sh) to process unverified remote data provides a direct vector for privilege escalation or persistent malware installation.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cdn.crabnebula.app/install/cn - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:43 PM