ubs
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The installation instructions provide a command `curl -fsSL "https://raw.githubusercontent.com/Dicklesworthstone/ultimate_bug_scanner/master/install.sh?$(date +%s)" | bash -s -- --easy-mode`. This is a piped remote execution pattern from an untrusted source, which is a high-risk vector for arbitrary code execution.
- [EXTERNAL_DOWNLOADS] (HIGH): The manual installation process downloads a binary from an unverified GitHub account (`Dicklesworthstone`) to `/usr/local/bin` and grants execution permissions via `chmod +x`. This bypasses standard security vetting and package management safety.
- [COMMAND_EXECUTION] (MEDIUM): The `ubs doctor --fix` command attempts to modify the user's environment by programmatically installing third-party tools such as `ast-grep`, `ripgrep`, and `jq`, which constitutes significant system-level changes.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted source code and returns results that influence agent behavior. An attacker could embed malicious comments in the code to mislead the quality gate. Evidence Chain:
  1. Ingestion points: `ubs <changed-files>` in `SKILL.md`.
  2. Boundary markers: Absent for ingested code.
  3. Capability inventory: System-level file access and subprocess execution via `ubs` commands.
  4. Sanitization: Not specified for external code inputs.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/Dicklesworthstone/ultimate_bug_scanner/master/install.sh?$(date - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata