find-skills
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill provides explicit instructions to execute 'npx skills add -g -y'. The inclusion of the '-y' flag is a critical security risk as it allows the agent to bypass interactive confirmation, leading to the silent installation and execution of arbitrary code from remote sources.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill facilitates the installation of third-party code from any GitHub repository ('owner/repo@skill'). While it mentions trusted sources, there are no technical constraints to prevent the agent from fetching malicious repositories.
- [COMMAND_EXECUTION] (HIGH): The skill grants the agent the capability to perform system-wide changes via shell commands ('-g' for global installation) without sandboxing or parameter validation.
- [PROMPT_INJECTION] (MEDIUM): The 'find' command processes user-controlled keywords which are then used to pull data from an external ecosystem. This creates a surface for indirect injection where a malicious package could be crafted to appear as a legitimate solution for common tasks.
Recommendations
- AI detected serious security threats
Audit Metadata