crafting-readme-files
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The 'references/section-templates.md' file contains multiple documentation templates for installation that use the 'curl | bash' pattern from untrusted placeholder URLs (e.g., 'https://raw.githubusercontent.com/user/repo/main/install.sh'). This is a severe security anti-pattern that facilitates supply-chain attacks.
- COMMAND_EXECUTION (MEDIUM): The templates suggest using 'eval' for shell completions and 'Invoke-Expression' for PowerShell, which are dangerous primitives that serve as sinks for executing arbitrary code.
- PERSISTENCE (MEDIUM): The skill provides templates that guide users to modify shell configuration files like '
/.bashrc' and '/.zshrc' for tool initialization, representing a high-risk persistence mechanism for any potentially malicious binaries. - DATA_EXFILTRATION (SAFE): The skill includes a 'Security' section template that advises users to keep data local and avoid network calls, which is a positive best-practice recommendation within the generated documentation.
Recommendations
- HIGH: Downloads and executes remote code from: https://..., https://raw.githubusercontent.com/user/repo/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata