sk
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill downloads and installs 'skills' from 'https://github.com/lambdamechanic/skills', which is not a trusted source according to the security guidelines. This could introduce malicious instructions or scripts into the agent's environment.
- [COMMAND_EXECUTION] (MEDIUM): The skill instructs the agent to execute a local binary 'target/debug/sk'. Running unverified binaries is a significant security risk as the binary's internal operations are opaque and it has access to the local file system and network.
- [REMOTE_CODE_EXECUTION] (MEDIUM): The 'sk install' and 'sk upgrade' workflows fetch remote data that is subsequently treated as executable logic (skills) by the agent, creating a vector for remote instruction or code injection.
- [DATA_EXFILTRATION] (LOW): The 'sk sync-back' feature pushes local files to a remote repository. While intended for collaboration, this capability could be used to exfiltrate sensitive data if the agent is directed to sync directories containing secrets or credentials.
Audit Metadata