search-for-service
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The skill uses 'npx awal@latest' to download and run code from the npm registry. The package is not from a trusted organization, and use of '@latest' permits unreviewed code changes to execute.
- REMOTE_CODE_EXECUTION (HIGH): Using 'npx' on an unverified third-party package allows for arbitrary remote code execution on the host system.
- COMMAND_EXECUTION (MEDIUM): The skill requires Bash tool access to execute the discovery and inspection commands.
- PROMPT_INJECTION (LOW): This skill contains an indirect prompt injection surface where untrusted data could influence agent behavior. (1) Ingestion points: Data from bazaar search results and endpoint details in 'SKILL.md'. (2) Boundary markers: Absent. (3) Capability inventory: Bash execution via npx. (4) Sanitization: Absent.
Recommendations
- AI detected serious security threats
Audit Metadata