environment-setup-guide
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill attempts to download and execute an external script at runtime. Evidence: Automated scan detected the command 'curl -fsSL https://get.docker.com -o get-docker.sh' followed by execution. Runtime script execution is a major attack vector for arbitrary code execution.
- EXTERNAL_DOWNLOADS (LOW): The skill fetches content from get.docker.com. Since Docker is a trusted organization, the download itself is downgraded in severity per the [TRUST-SCOPE-RULE], although the execution remains a high risk.
- COMMAND_EXECUTION (MEDIUM): The skill utilizes system commands (curl) to perform network operations and file writes, which are sensitive operations that require explicit user trust.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://get.docker.com - DO NOT USE
- AI detected serious security threats
Audit Metadata