find-skills
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading agent capabilities from the public skills.sh registry and GitHub repositories.- [REMOTE_CODE_EXECUTION]: Instructions enable the installation and execution of external code modules via the
npx skills addcommand. This is used to extend the agent's functionality with specialized workflows and tools.- [COMMAND_EXECUTION]: Utilizes thenpx(Node Package Runner) CLI to interact with the skills ecosystem, including searching, adding, and updating local packages.- [PROMPT_INJECTION]: Exhibits an indirect prompt injection surface by processing and presenting untrusted metadata (names and descriptions) from third-party skills found during searches. - Ingestion points: External skill documentation and metadata retrieved from
npx skills find(SKILL.md). - Boundary markers: None present; the skill does not explicitly delimit external content from internal instructions.
- Capability inventory: Capability to install further extensions and execute shell commands via the CLI (SKILL.md).
- Sanitization: None identified; the skill relies on the user to evaluate the reputation of skills before installation.
Audit Metadata