related-skill
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The skill's allowed-tools configuration permits 'Bash(npx skills *)', which utilizes the npx package runner to download and execute remote code at runtime. This allows for arbitrary code execution on the host system.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill is designed to fetch and install packages from the 'inference.sh' registry. As this domain and organization are not on the verified trusted sources list, all downloads and installations are considered unverified and potentially malicious.
- [COMMAND_EXECUTION] (MEDIUM): The skill provides the agent with the capability to manage its own executable environment by adding, updating, or removing skills via shell commands, which can lead to unauthorized system changes or persistence if abused.
Recommendations
- AI detected serious security threats
Audit Metadata