Skills
skills/cmkim/mj-download-test/install-nodejs-22/Gen Agent Trust Hub

install-nodejs-22

Fail

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: Fetches and executes a shell script from Vercel's infrastructure to install the fnm tool.
  • File: install.sh
  • Evidence: curl -fsSL https://fnm.vercel.app/install | bash
  • [COMMAND_EXECUTION]: Requests administrative privileges to globally enable the corepack utility on macOS and Linux systems.
  • File: install.sh
  • Evidence: sudo corepack enable
  • [COMMAND_EXECUTION]: Dynamically executes shell commands generated by the newly installed fnm tool to configure the current session.
  • File: install.sh
  • Evidence: eval "$(fnm env --use-on-cd)"
Recommendations
  • HIGH: Downloads and executes remote code from: https://fnm.vercel.app/install - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 10, 2026, 01:21 AM