strapi-expert
Fail
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The README.md file contains multiple download links to a ZIP archive (skill-claude-expert-strapi-1.0.zip) hosted on the author's personal GitHub repository (https://github.com/MKShahzad77/claude-skill-strapi-expert/raw/refs/heads/main/commodatum/skill-claude-expert-strapi-1.0.zip). This link is promoted as the primary installation method for the expert system.\n- [COMMAND_EXECUTION]: The README.md instructs users to manually execute platform-specific binary files (.exe for Windows, .dmg for macOS) or run an installation script from the terminal to 'install' the skill. AI agent skills are typically configuration-based and do not require the installation of local executable software. This pattern is highly irregular and poses a severe security risk of system compromise or malware delivery.
Recommendations
- AI detected serious security threats
Audit Metadata