zoxide-install
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- Persistence Mechanisms (HIGH): The skill modifies the user's shell profile (~/.zshrc) by appending 'eval "$(zoxide init zsh)"'. This ensures that the tool's initialization logic is executed automatically in every new terminal session, which is a standard persistence technique.
- Dynamic Execution (MEDIUM): The use of 'eval "$(zoxide init zsh)"' executes code generated dynamically by the zoxide binary at runtime. While common for shell utilities, this represents a risk if the underlying binary were compromised or if the environment variables it relies on were manipulated.
- Command Execution (MEDIUM): The skill performs multiple sensitive system operations, including 'brew install', modifying system configuration files, and 'source'ing environment files.
- External Downloads (LOW): The skill downloads binaries (zoxide, fzf) via the Homebrew package manager. While Homebrew is a common and generally trusted utility, it still involves installing third-party executable code on the host system.
Recommendations
- AI detected serious security threats
Audit Metadata