update
Fail
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill uses a high-risk pattern (
bash <(curl ...)) to download and execute a script from a remote URL, bypassing local verification mechanisms and allowing arbitrary code execution on the host system. - [EXTERNAL_DOWNLOADS]: The skill fetches an installation script from
https://raw.githubusercontent.com/boshu2/agentops/main/scripts/install.sh. While the source belongs to the author, the practice of executing remote scripts at runtime poses a significant supply chain risk. - [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to modify the system environment and install files globally across the agent's session.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/boshu2/agentops/main/scripts/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata