find-skills
Warn
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions for the agent to install and execute code from arbitrary remote GitHub repositories using the
npx skills add <owner/repo@skill>command. - [COMMAND_EXECUTION]: Recommends the use of the
-yflag in the installation commandnpx skills add <package> -g -y, which bypasses user confirmation prompts and human review before code is executed on the system. - [COMMAND_EXECUTION]: Suggests global installation of skills using the
-gflag, which increases the potential system-wide impact of any installed code. - [EXTERNAL_DOWNLOADS]: Encourages downloading and running content from various unverified external sources identified through the search command, including non-trusted repositories.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). Ingestion points: Results from
npx skills find [query](SKILL.md). Boundary markers: None present to distinguish search results from system instructions. Capability inventory:npx skills addandnpx skills update(RCE) in SKILL.md. Sanitization: None present to validate the safety of returned skill names or repositories.
Audit Metadata