find-skills
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing shell commands via the
npx skillsCLI tool. This includes searching (find) and modifying the environment (add,update). - [REMOTE_CODE_EXECUTION]: The
npx skills add <package> -g -ycommand is designed to download and install executable code from external repositories (e.g., GitHub). The use of the-yflag is particularly noteworthy as it skips user confirmation prompts during installation. - [EXTERNAL_DOWNLOADS]: The skill facilitates downloading content from
skills.shand various GitHub repositories. While it mentions trusted organizations likevercel-labs, it also allows for the installation of packages from any unverified third-party repository. - [PROMPT_INJECTION]: As an indirect injection surface, the skill processes external data (search results from
npx skills find). - Ingestion points: Search results returned from the
skillsCLI which may contain descriptions or names controlled by third-party package authors. - Boundary markers: No explicit delimiters are used to separate CLI output from the agent's instructions.
- Capability inventory: The skill possesses the ability to execute shell commands and install software globally (
-g). - Sanitization: No sanitization or validation of the search results is performed before they are presented to the user or used in subsequent commands.
Audit Metadata