Skills
skills/klixpert-io/wpklx/wordpress-remote-cli/Gen Agent Trust Hub

wordpress-remote-cli

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [Remote Code Execution] (CRITICAL): The skill executes a script directly from the internet using the curl | bash pattern. This is a severe vulnerability as it allows an external, unverified script to run with the full privileges of the agent.
  • Evidence: curl -fsSL https://raw.githubusercontent.com/KLIXPERT-io/wpklx/main/install.sh | bash
  • [External Downloads] (HIGH): The script is hosted at https://raw.githubusercontent.com/KLIXPERT-io/wpklx/main/install.sh. The GitHub organization KLIXPERT-io is not on the list of trusted sources, meaning the code cannot be verified for safety.
  • [Command Execution] (HIGH): Use of bash to execute external content bypasses all safety constraints and provides a direct path for system compromise, persistence, or data exfiltration.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/KLIXPERT-io/wpklx/main/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:36 PM