find-skills
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Utilizes the
npx skillscommand line tool to search, add, check, and update agent capabilities. - [COMMAND_EXECUTION]: Recommends global installation (
-g) of packages, which typically affects the user's system environment and may require elevated permissions. - [EXTERNAL_DOWNLOADS]: Fetches skill data and package information from the
skills.shregistry and external GitHub repositories. - [EXTERNAL_DOWNLOADS]: Directs the agent to utilize trusted resources such as the Vercel Labs official agent skills repository.
- [REMOTE_CODE_EXECUTION]: Provides instructions to download and execute remote code via
npx skills addwith the-yflag, which bypasses confirmation prompts during installation. - [PROMPT_INJECTION]: Vulnerable to indirect prompt injection as it ingests and processes search results from the third-party
skills.shregistry. - Ingestion points: Output from the
npx skills findcommand as described in SKILL.md. - Boundary markers: No specific delimiters or safety warnings are provided for handling results from the external registry.
- Capability inventory: Ability to execute shell commands, install software, and modify the agent's environment.
- Sanitization: The skill does not define methods for sanitizing or validating descriptions and instructions retrieved from external package metadata.
Audit Metadata