huginn-onboard
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): The skill explicitly includes commands to download and execute shell scripts directly from untrusted GitHub repositories (welttowelt and keep-starknet-strange) using the 'curl | bash' pattern. Evidence: SKILL.md contains 'curl -sSL https://raw.githubusercontent.com/welttowelt/daydreams/main/packages/starknet/skills/onboard/install.sh | bash' and META-SKILL.md contains 'curl -sSL https://raw.githubusercontent.com/keep-starknet-strange/starknet-agentic/main/skills/huginn-onboard/meta-install.sh | bash'.
- External Downloads (HIGH): The skill downloads executable content from GitHub organizations that are not on the trusted sources list (welttowelt and keep-starknet-strange), creating a high risk of supply chain attack or execution of malicious code.
- Command Execution (MEDIUM): The skill requests broad 'Bash' tool access and performs multiple CLI operations, which provides the necessary environment for the identified RCE patterns to be exploited.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/welttowelt/daydreams/main/packages/starknet/skills/onboard/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata