find-best-skill
Fail
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill implements a workflow to fetch SKILL.md instruction files from arbitrary, user-provided URLs and pass the content to the Agent tool for execution in subagent sessions. This pattern enables the execution of untrusted remote logic.
- [EXTERNAL_DOWNLOADS]: The skill uses the WebFetch tool to retrieve content from external domains. While it includes specific logic for GitHub repositories, it also supports fetching from any provided URL.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to create timestamped output directories with names derived from user-supplied skill names. Failure to strictly sanitize these names could lead to command injection via shell metacharacters.
- [PROMPT_INJECTION]: The skill includes an 'inference mode' that picks skills based on keyword overlap with user input, creating a surface where a user could be subtly directed toward comparing and thus executing specific malicious skills.
Recommendations
- AI detected serious security threats
Audit Metadata