find-skills
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Remote Code Execution (HIGH): The skill documentation instructs the agent to use 'npx skills add -g -y' to install packages. The use of the '-y' flag bypasses user confirmation, allowing for the unattended installation and execution of code from arbitrary remote sources.
- Indirect Prompt Injection (HIGH): The skill is vulnerable to poisoned search results. Evidence Chain: (1) Ingestion points: Results from 'npx skills find' (SKILL.md). (2) Boundary markers: None. (3) Capability inventory: Installation of code with global privileges via 'npx skills add -g'. (4) Sanitization: No validation or escaping of package names or descriptions before display or installation.
- External Downloads (HIGH): The skill downloads and integrates remote code from GitHub without providing a mechanism for verifying the source's integrity or authenticity, which could lead to a system compromise if a malicious repository is specified.
Recommendations
- AI detected serious security threats