find-skills
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of CLI commands using 'npx skills' to manage agent extensions and workflows.
- [EXTERNAL_DOWNLOADS]: Fetches package information and configuration data from the 'skills.sh' registry and official GitHub repositories such as vercel-labs.
- [REMOTE_CODE_EXECUTION]: Instructs the agent on how to install and globally deploy external code packages via the 'npx skills add' command, which downloads and executes modular skill code.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of external data:
  - Ingestion points: The skill processes and displays output from 'npx skills find [query]', which contains potentially unvetted descriptions and names from external package authors.
  - Boundary markers: No specific delimiters or safety instructions are defined to separate the search results from the agent's core instructions.
  - Capability inventory: The skill possesses the ability to execute shell commands and modify the global environment through package installation.
  - Sanitization: There is no explicit sanitization of the data returned by the search command before it is presented or acted upon, though the final installation step is presented as an option for the user or executed with a skip-confirmation flag.
Audit Metadata