find-skills

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): The skill is primarily a wrapper for installing and running remote code via the npx skills add command. The explicit instruction to use the -y flag allows the agent to execute arbitrary external packages without any human-in-the-loop confirmation.
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill encourages downloading code from untrusted external sources, specifically allowing any GitHub repository (<owner/repo@skill>) to be used as a source for executable skills.
  • [COMMAND_EXECUTION] (HIGH): The skill provides instructions for the agent to execute shell commands (npx, bash) to perform package management tasks. When combined with unverified remote sources, this provides a direct path for system compromise.
  • [PROMPT_INJECTION] (HIGH): This skill exposes a massive Indirect Prompt Injection surface (Category 8). It ingests untrusted user input as search queries, searches a public ecosystem for matching code, and then provides the mechanism to execute that code. Ingestion Point: npx skills find [query]. Boundary Markers: None. Capability Inventory: Command execution (npx), remote download, and installation. Sanitization: None. A malicious actor could name a skill to match common queries and gain execution on the user's system.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 04:32 AM