Skills
skills/cristoslc/swain/swain-stage/Gen Agent Trust Hub

swain-stage

Fail

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The management script scripts/swain-stage.sh contains an installation hint for the 'micro' editor that utilizes a high-risk piped-to-bash pattern: curl https://getmic.ro | bash. This pattern executes code from a remote source without verification, posing a significant risk of remote code execution.
  • [COMMAND_EXECUTION]: The skill makes extensive use of dynamic shell command generation to manage tmux panes and layouts. In scripts/swain-stage.sh, tmux commands are constructed by substituting placeholders with values retrieved from swain.settings.json and layout definitions in references/layouts/. This architecture allows for potential command injection if the configuration files are controlled by an untrusted party.
  • [EXTERNAL_DOWNLOADS]: The MOTD status panel (scripts/swain-motd.py) is executed via uv run and depends on the textual Python package. Furthermore, the skill provides suggestions for downloading and installing various CLI tools (such as yazi, nnn, and helix) using system package managers like brew, apt, and cargo.
Recommendations
  • HIGH: Downloads and executes remote code from: https://getmic.ro - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 27, 2026, 02:06 PM