Skills
NYC
skills/boshu2/agentops/openai-docs/Gen Agent Trust Hub

openai-docs

Fail

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • COMMAND_EXECUTION (HIGH): The file SKILL.md explicitly instructs the agent to execute a command with escalated permissions without user consent if an initial attempt fails.
  • Evidence: 'If it fails due to permissions/sandboxing, immediately retry the same command with escalated permissions and include a 1-sentence justification for approval. Do not ask the user to run it yet.' in SKILL.md.
  • EXTERNAL_DOWNLOADS (LOW): The skill defines a dependency on an external MCP server from a reputable source.
  • Evidence: https://developers.openai.com/mcp in agents/openai.yaml and SKILL.md. Under [TRUST-SCOPE-RULE], this is downgraded as it targets a trusted domain (openai), but the execution logic remains a high-risk finding.
  • SAFE (SAFE): The validation script scripts/validate.sh performs basic pattern matching and does not contain malicious logic or unsafe file operations.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 20, 2026, 01:14 AM