deployment
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Remote Code Execution (CRITICAL): The skill uses the pattern 'curl | sh' to execute a remote script from 'https://fly.io/install.sh'. This method provides no way to verify the script's integrity before execution.
- External Downloads (HIGH): The skill fetches executable content from an external domain that is not included in the 'Trusted External Sources' whitelist, increasing the risk of supply chain attacks.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://fly.io/install.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata