Skills
skills/cyb3rdudu/dotfiles/skill-installer/Gen Agent Trust Hub

skill-installer

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/install-skill-from-github.py uses the subprocess.run function to execute external git commands, including clone, sparse-checkout, and checkout, to retrieve repository contents.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations using urllib.request to communicate with the GitHub API (api.github.com) and download ZIP archives from codeload.github.com based on user-supplied repository information.
  • [REMOTE_CODE_EXECUTION]: The core functionality of the skill is to download and install external code (other skills) into the $CODEX_HOME/skills directory. This process moves unverified remote code into a local path intended for execution by the AI agent system.
  • [CREDENTIALS_UNSAFE]: The scripts/github_utils.py module programmatically accesses GITHUB_TOKEN and GH_TOKEN environment variables to include them in the Authorization header for network requests, exposing sensitive authentication credentials during the installation process.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 1, 2026, 03:19 PM