traceability-auditor
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONNO_CODE
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (HIGH): Automated scanners identified a blacklisted malicious URL (ID: UR4EFAFDCAD26E3E52-0200) in the requirements.md file. This indicates that the skill references known malicious infrastructure, which is a common vector for downloading and executing harmful payloads.
- [Metadata Poisoning] (MEDIUM): Malicious URLs appearing in documentation files (requirements.md) within a skill bundle can lead to system compromise if users or automated agents follow the instructions to download external resources from these untrusted sources.
- [NO_CODE] (INFO): No source code files were provided for manual analysis; however, the presence of a security alert regarding a requirements file confirms that the skill bundle contains dangerous external references.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata