Skills
skills/happenings-community/requests-and-offers/Holochain Development/Gen Agent Trust Hub

Holochain Development

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The skill triggers the execution of remote scripts directly through the shell. Automated scans detected curl | sh for the Nix installer and curl | bash for the Bun installer. This allows arbitrary code execution from external servers.\n- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill downloads software from install.determinate.systems and bun.sh. These domains are not in the predefined trusted list, and therefore the downloads represent unverified external dependencies.\n- [COMMAND_EXECUTION] (MEDIUM): The skill executes a local script setup-holochain-dev.sh to automate environment setup. The documentation notes this script is over 400 lines long, which makes manual verification difficult and increases the risk of hidden malicious commands.\n- [PROMPT_INJECTION] (LOW): The skill utilizes Rust code templates (integrity-zome.template.rs) that rely on string interpolation of user-provided variables like {{DOMAIN_NAME}}. This creates a surface for Indirect Prompt Injection. Evidence Chain: 1. Ingestion points: integrity-zome.template.rs. 2. Boundary markers: Absent. 3. Capability inventory: Script execution and zome generation. 4. Sanitization: Absent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://bun.sh/install, https://install.determinate.systems/nix - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 07:53 PM