contribute-skill
Warn
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's instructions recommend using the environment variable
GIT_SSL_NO_VERIFY=1when executinggitandghcommands in sandbox environments. This disables SSL certificate validation, which is a critical security control, thereby exposing repository operations (cloning and pushing) to Man-in-the-Middle (MITM) attacks. - [EXTERNAL_DOWNLOADS]: The skill initiates repository cloning from external GitHub sources. Although the destination is the vendor's own organization, the guidance to bypass TLS verification for these downloads is an unsafe security practice that compromises the integrity of the downloaded content.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it reads and processes local skill data from
.agents/skills/without programmatic sanitization or boundary markers. Although Step 4 instructs the user to perform a manual security review, the underlying capability to move unsanitized data to an upstream repository represents a vulnerability to malicious instructions embedded in local files.
Audit Metadata