onboarding
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- Remote Code Execution (HIGH): Several guides recommend piped remote execution for tool installation. Evidence: 'curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash' in 'references/runtime-environments/nvm-setup-linux.md' and 'powershell -c "irm bun.sh/install.ps1|iex"' in 'references/other/other-windows.md'. These findings are downgraded from CRITICAL to HIGH because they represent standard installation methods for the tools described.
- Privilege Escalation (MEDIUM): The skill provides instructions that lower system security barriers or enable sensitive features. Evidence: 'Set-ExecutionPolicy RemoteSigned' in 'references/shell-terminal/powershell-setup-windows.md' and enabling Windows Sandbox via 'Enable-WindowsOptionalFeature' in 'references/security/windows-sandbox.md'.
- External Downloads (MEDIUM): The skill references downloads and installations from organizations such as 'nvm-sh' and 'github' (spec-kit) that are not on the predefined trusted list.
- Dynamic Execution (MEDIUM): The Windows Sandbox configuration in 'references/security/windows-sandbox.md' includes a logon command that executes PowerShell with an execution policy bypass.
Recommendations
- AI detected serious security threats
Audit Metadata