skills/decocms/deco-start/find-skills/Gen Agent Trust Hub

find-skills

Warn

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute shell commands using the npx skills command-line utility to find, add, check, and update capabilities.
  • [REMOTE_CODE_EXECUTION]: The npx skills add command is used to install and execute code from remote repositories on GitHub and the npm registry. This provides a direct mechanism for remote code execution from external sources.
  • [EXTERNAL_DOWNLOADS]: The skill connects to the external domain https://skills.sh/ and various remote code repositories to download skill metadata and package files.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from malicious search results.
      • Ingestion points: Skill descriptions and metadata returned by the npx skills find command as documented in SKILL.md.
      • Boundary markers: No specific delimiters or instructions are provided to the agent to treat search results as untrusted data.
      • Capability inventory: The agent can execute shell commands and install software via the npx tool.
      • Sanitization: There is no evidence of validation or sanitization of the data retrieved from the search results before it is presented to the user or acted upon by the agent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 11, 2026, 11:22 PM