developing-tessl-skills
Fail
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: HIGH
Flagged categories: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructions require installing the Tessl CLI using 'curl -fsSL https://get.tessl.io | sh'. This piped-to-shell pattern executes arbitrary, unverified code from a remote source: the script is streamed straight into the shell, so it is never written to disk, inspected, or compared against a pinned digest before it runs.
- [EXTERNAL_DOWNLOADS]: The skill fetches installation scripts from https://get.tessl.io, an external domain not included in the trusted vendor list.
- [COMMAND_EXECUTION]: The skill relies on executing multiple CLI commands locally, including 'tessl skill review' and 'tessl skill lint', to fulfill its core functionality.
- [PROMPT_INJECTION]: The skill processes user-provided SKILL.md and tile.json files, exposing it to indirect prompt injection.
  - Ingestion points: Local skill definition files (SKILL.md, tile.json).
  - Boundary markers: None; the skill lacks instructions to ignore potential commands embedded in the processed content.
  - Capability inventory: Modifies files and executes CLI tools based on the results of the processing step.
  - Sanitization: No content validation or sanitization is indicated for the ingested files before they are passed to the CLI tools.
Recommendations
- HIGH: Downloads and executes remote code from https://get.tessl.io. DO NOT USE without thorough review of the fetched script.
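As an added example (not part of this audit and not Tessl's own tooling), the POSIX shell script below shows the install pattern that the recommendation implies in place of 'curl -fsSL https://get.tessl.io | sh': download the installer to a file, compare its SHA-256 against a digest pinned after a manual review, and execute it only on a match. The pinned digest, the sample installer and the function names are constructed for this example; the digest of the real get.tessl.io script is not known here and would have to be recorded by the reviewer.

```shell
#!/bin/sh
# Added example, not from the audit or from Tessl: download-to-file plus
# pinned-digest check as a replacement for `curl ... | sh`.
# ASSUMPTION: the pinned digest is one you record after reviewing the
# script once; the sample installer below is constructed for offline runs.
set -eu

# Portable SHA-256: sha256sum on Linux, shasum on macOS/BSD.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_then_run FILE EXPECTED_SHA256
# Executes FILE only when its digest equals EXPECTED_SHA256.
# Returns 1 and runs nothing on mismatch, so a script that changed after
# review (re-published, tampered in transit, or swapped at the origin)
# is refused instead of executed.
verify_then_run() {
    file=$1
    expected=$2
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "refusing to execute $file: sha256 $actual != pinned $expected" >&2
        return 1
    fi
    sh "$file"
}

# fetch_and_verify URL EXPECTED_SHA256
# Network variant: download to a temp file (never to a pipe), then hand
# it to verify_then_run. Not exercised in the offline demo below.
fetch_and_verify() {
    url=$1
    expected=$2
    tmp=$(mktemp)
    curl -fsSL -o "$tmp" "$url"
    if verify_then_run "$tmp" "$expected"; then status=0; else status=1; fi
    rm -f "$tmp"
    return $status
}

# Constructed sample installer standing in for the downloaded script;
# prints its path so callers can pin its digest and then tamper with it.
make_sample_installer() {
    dir=$(mktemp -d)
    printf '%s\n' '#!/bin/sh' 'echo "installer ran"' > "$dir/install.sh"
    printf '%s\n' "$dir/install.sh"
}

# Demo: pin the reviewed script, run it, then show a modified copy refused.
demo() {
    script=$(make_sample_installer)
    pinned=$(sha256_of "$script")        # digest recorded after manual review
    verify_then_run "$script" "$pinned"  # prints: installer ran
    # Simulate the remote script changing after it was reviewed.
    printf '%s\n' '#!/bin/sh' 'echo "something else entirely"' > "$script"
    if verify_then_run "$script" "$pinned"; then
        echo "BUG: tampered script executed" >&2
        return 1
    fi
    echo "tampered script refused"
}

demo
```

The point of writing to a file first is that the bytes you hash are the bytes you run; with a pipe, a server can even detect the streaming client and serve different content than a browser sees. Pinning a digest trades convenience for a visible, reviewable change every time the vendor ships a new installer.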
Audit Metadata