Oracle
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill metadata and instructions recommend the installation of the
@steipete/oraclepackage via npm, which is a third-party dependency from an external source not included in the trusted vendors list. - [REMOTE_CODE_EXECUTION]: The skill documentation promotes the use of
npx -y @steipete/oracle, a command that downloads and executes code from the npm registry at runtime. - [COMMAND_EXECUTION]: The skill provides numerous commands that utilize a local binary (
oracle) to perform file system traversal, read file contents based on glob patterns, and manage network-based browser sessions. - [DATA_EXFILTRATION]: The fundamental purpose of the Oracle tool is to package local files and send them to external model providers (like OpenAI or Gemini) or remote browser automation hosts. This represents an inherent data exposure risk as it transmits local repository context to third-party endpoints, although the skill includes a warning to exclude sensitive files like secrets.
Audit Metadata