find-skills
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes 'npx' to download and execute the 'skills' package from the npm registry and retrieves metadata for skill discovery from the 'skills.sh' domain.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands using 'npx', including 'find', 'add', 'check', and 'update', which are essential for its primary purpose of managing skill lifecycles.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from the external 'skills.sh' ecosystem during the discovery process.
- Ingestion points: Search results returned from the 'npx skills find' command and descriptions fetched from 'skills.sh'.
- Boundary markers: None specified in the instructions for handling search result output.
- Capability inventory: The skill can execute subprocesses via 'npx' to install ('add') or update code on the local system.
- Sanitization: No explicit sanitization or validation of external skill descriptions is provided before presenting them to the user or executing installation commands.
Audit Metadata