Skills
skills/jason-qweb/agent-skills/find-skills/Gen Agent Trust Hub

find-skills

Warn

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on shell command execution via the npx skills CLI to interact with the environment and manage packages.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the discovery and download of packages from external sources including skills.sh and arbitrary GitHub repositories. It neutrally references trusted sources like Vercel Labs for configuration and guidelines.
  • [REMOTE_CODE_EXECUTION]: The primary function of the skill is the installation and execution of external code. The provided instructions specifically advise the agent to use the -y flag to skip confirmation prompts and -g for global installation, allowing for the autonomous deployment and execution of potentially unverified third-party logic.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 8, 2026, 05:13 AM