find-skills
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'npx skills' command to search for and manage additional agent capabilities.
- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading metadata and code packages from the 'https://skills.sh' registry and GitHub repositories.
- [REMOTE_CODE_EXECUTION]: The primary function of the skill is to install and enable external code packages on the local system. This involves executing code from third-party sources, which is the intended use-case.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the discovery process.
  1. Ingestion points: Registry data returned by the 'npx skills find' command.
  2. Boundary markers: No markers are used to delimit tool output in the prompt.
  3. Capability inventory: The agent has the ability to install and execute arbitrary code via 'npx skills add'.
  4. Sanitization: No validation or sanitization of the remote registry output is performed before it is processed by the agent.
Audit Metadata