skill-finder

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE · EXTERNAL_DOWNLOADS · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses urllib.request to download markdown definitions from external GitHub repositories. While the default configuration points to trusted organizations, the code provides a mechanism for retrieving content from any repository.
  • [COMMAND_EXECUTION]: Utilizes npx to execute the skills package directly from a remote registry, which facilitates the discovery of tools within the broader ecosystem but involves running code from an external source.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it processes untrusted data.
      • Ingestion points: Content is ingested from external URLs via the download_skill function.
      • Boundary markers: There are no clear delimiters or instructions that prevent the agent from accidentally following malicious instructions embedded within the downloaded markdown body.
      • Capability inventory: The skill has the capability to write to the filesystem (Path.write_text), update the local skill registry (skill_registry.yaml), and execute shell commands via npx.
      • Sanitization: No sanitization or safety filtering is applied to the instruction-bearing markdown content before it is saved and registered for use by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 6, 2026, 04:20 PM