find-skills
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill's primary purpose is to facilitate the installation and execution of remote code. By using npx skills add <package>, the agent is instructed to pull code from external repositories (e.g., GitHub) and integrate it into the local environment.
- COMMAND_EXECUTION (HIGH): The skill specifically instructs the agent to use the -y flag (npx skills add <package> -g -y). This is a dangerous pattern that explicitly bypasses user confirmation prompts, allowing for the silent installation of potentially malicious software.
- EXTERNAL_DOWNLOADS (HIGH): The skill relies on an 'open agent skills ecosystem' to source its functionality. Since any user can contribute to this ecosystem, the agent is exposed to unverifiable third-party code that could perform unauthorized actions upon installation.
- PROMPT_INJECTION (MEDIUM): The skill is vulnerable to indirect prompt injection. Malicious skills in the ecosystem could use deceptive names or descriptions in search results to trick the agent into installing a high-privilege backdoor or executing malicious commands under the guise of a helpful tool.
Recommendations
- AI detected serious security threats
Audit Metadata