skill-find
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Remote Code Execution (HIGH): The skill provides an install command that downloads and executes code from an external URL (python scripts/skillsmp_api.py install <skill-url>). This allows for the installation of arbitrary, unvetted scripts onto the system.
- External Downloads (HIGH): The skill is designed to interact with and pull content from skillsmp.com, which is not a verified or trusted repository within the allowed scope.
- Indirect Prompt Injection (HIGH): The skill ingests untrusted data from an external API during search operations.
  - Ingestion points: API search results from skillsmp.com.
  - Boundary markers: None present to distinguish untrusted marketplace content from instructions.
  - Capability inventory: Includes shell command execution and package installation.
  - Sanitization: None observed.

  An attacker could craft a skill description on the marketplace that, when processed by the agent, triggers unintended installation or execution commands.
Recommendations
- AI detected serious security threats
Audit Metadata