skill-creator

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL (findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): The file references/scripts.md instructs the agent to install the uv tool by running curl -LsSf https://astral.sh/uv/install.sh | sh. This is a piped remote execution pattern from an untrusted source (astral.sh), which is not in the list of trusted providers. This allows arbitrary code execution with the user's shell privileges without prior verification or hashing.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill documentation (in references/scripts.md) encourages the agent to use uv to manage and install third-party Python dependencies at runtime using inline metadata. This dynamic installation of unverified packages poses a supply chain risk, as it allows for the execution of untrusted code from external package registries.
  • [COMMAND_EXECUTION] (LOW): The skill includes scripts (scripts/package_skill.py and scripts/quick_validate.py) that perform file system operations and zip creation. While these are currently focused on skill packaging, they establish a baseline capability for the agent to manipulate local files and execute Python code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:31 PM