github-cli
Fail
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The README.md file suggests an installation method using
bash <(curl -s https://raw.githubusercontent.com/doug-skinner/github-cli-claude-skill/main/install.sh). This pattern is a high-risk Remote Code Execution (RCE) vector because it executes code directly from an external URL without integrity verification. Automated scans have confirmed this as an untrusted RCE pattern. - [COMMAND_EXECUTION]: The file
scripts/pr-workflow.shcontains a command injection vulnerability. The script uses theevalcommand to execute a string (PR_CMD) that is constructed from variables likeREVIEWERSandLABELS, which are obtained directly from user input via thereadcommand. Without proper sanitization, an attacker or a malicious prompt could inject shell metacharacters (e.g.,;,&&,|) to execute arbitrary commands. - [EXTERNAL_DOWNLOADS]: The skill's installation process and various helper scripts (e.g.,
install.sh,scripts/sync-fork.sh) perform network operations to download content fromgithub.comandraw.githubusercontent.com. While these domains are whitelisted for data, the context of using them to fetch and immediately execute shell scripts increases the overall threat profile of the skill.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/doug-skinner/github-cli-claude-skill/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata