garmin-connect
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
- Remote Code Execution (HIGH): The README and SKILL files instruct users to install by piping a script fetched from the network straight into a shell (`curl ... | sh`) from the eddmann/garmin-connect-cli repository. The script is never saved, inspected or verified before it runs, and the repository is not a trusted source, so whatever is served at that URL at the moment of install (including a partially transferred script or a modified one) executes with the user's privileges.
- External Downloads (HIGH): The install.sh script downloads pre-compiled binaries from GitHub releases with no integrity check at all (no SHA256 checksum comparison and no signature verification), so a tampered or substituted release asset would be installed without anything detecting it. This is a classic supply-chain exposure.
- Credentials Unsafe (LOW): The application accepts the account password through the GARMIN_PASSWORD environment variable. An environment variable is readable by other processes of the same user (for example via /proc/<pid>/environ or `ps e` on Linux), is inherited by every child process the tool spawns, and ends up in shell history or CI logs when it is set inline on the command line, so the password can leak even if the tool itself never prints it.
- Command Execution (MEDIUM): The tool exposes destructive and write operations on the user's Garmin account, including deleting data and uploading files. If the agent driving the tool is maliciously directed, these operations can be abused to destroy or plant data in the account.
- Indirect Prompt Injection (LOW): The skill fetches data from Garmin's external APIs, and that data may contain attacker-controlled text. When an AI agent processes the fetched content as part of its context, it becomes a surface for indirect prompt injection.
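The first two findings share one root cause: bytes are executed or installed without ever being checked. The following shell script is an added example, not code from the eddmann/garmin-connect-cli project or from this audit, showing the pattern a safer installer follows: fetch to a temporary file, compare its SHA-256 against a hash pinned in the script, and only then install it. The function names, the placeholder URL in the usage comment and the idea that the pinned hash comes from a release checksum file checked out of band are all assumptions.

```shell
#!/bin/sh
# Added example, not part of eddmann/garmin-connect-cli: a checksum-verified
# install pattern that replaces `curl -fsSL <url> | sh`. Function names are
# illustrative; in a real installer the expected hash would be pinned for a
# specific release version rather than passed in.
set -eu

# Print the SHA-256 of FILE; uses sha256sum (GNU) or shasum (BSD/macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_sha256 FILE EXPECTED_HEX: exit status 0 on match, 1 on mismatch.
# The hex digest is compared case-insensitively.
verify_sha256() {
  file="$1"
  expected="$(printf '%s' "$2" | tr 'A-F' 'a-f')"
  actual="$(sha256_of "$file")"
  if [ "$actual" != "$expected" ]; then
    echo "checksum mismatch for $file: expected $expected, got $actual" >&2
    return 1
  fi
  return 0
}

# install_verified URL EXPECTED_SHA256 DEST
# Downloads to a temp file, verifies it, and only then installs it as 0755.
# Nothing from the download is executed; a mismatch leaves DEST untouched.
install_verified() {
  url="$1"; expected_hash="$2"; dest="$3"
  tmp="$(mktemp)"
  # --proto '=https' refuses redirects to plain http; -f fails on HTTP errors
  # so an error page is never mistaken for a binary.
  if ! curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$url"; then
    rm -f "$tmp"; echo "download failed: $url" >&2; return 1
  fi
  if ! verify_sha256 "$tmp" "$expected_hash"; then
    rm -f "$tmp"; return 1
  fi
  install -m 0755 "$tmp" "$dest"
  rm -f "$tmp"
}

# Usage (placeholder URL; the hash comes from the release's checksum file,
# obtained and checked out of band):
#   install_verified https://example.invalid/garmin-connect-cli <sha256> ~/.local/bin/garmin-connect-cli
if [ "$#" -eq 3 ]; then
  install_verified "$1" "$2" "$3"
fi
```

The same split applies to the install script itself: download install.sh to a file, read it, verify its hash, and run it from disk. The point of the temp file is that verification happens before any byte of the download reaches the shell or the PATH.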
Recommendations
- HIGH: Downloads and executes remote code from https://raw.githubusercontent.com/${REPO}/main/install.sh and https://raw.githubusercontent.com/eddmann/garmin-connect-cli/main/install.sh, both fetched from the unpinned main branch. DO NOT USE without thorough review of the script and of the binaries it installs.
- The automated (AI-assisted) review flagged serious security threats; see the Full Analysis above for the individual findings.
Audit Metadata