Skills
skills/eng0ai/eng0-template-skills/denuvo-slides/Gen Agent Trust Hub

denuvo-slides

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill clones a repository from https://github.com/Eng0AI/denuvo-slides-template.git. This repository and author are not on the list of trusted external sources, meaning the content has not been verified for safety.
  • COMMAND_EXECUTION (MEDIUM): Immediately after cloning, the skill instructs the agent to run pnpm install and pnpm build. This is a high-risk operation because a malicious package.json in the downloaded template could contain preinstall or postinstall scripts that execute arbitrary code on the host system.
  • CREDENTIALS_UNSAFE (LOW): The deployment instructions utilize the $VERCEL_TOKEN environment variable. While this is a standard practice for the Vercel CLI, it creates a surface where the token could be exposed in shell histories or logs if the agent environment is not properly isolated.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:11 PM