find-skills
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes `npx skills find`, `npx skills add`, `npx skills check`, and `npx skills update` to manage the lifecycle of agent extensions.
- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading and installing packages from remote sources, including well-known repositories from organizations like Vercel Labs. This is the primary intended function of the discovery tool.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external search results and package metadata, which are then interpreted by the agent. Ingestion point: Output of the `find` command. Boundary markers: Absent. Capability inventory: Command execution via CLI (`npx skills add`). Sanitization: Absent. Given the context of a discovery utility, this is a standard operating surface.
Audit Metadata