Skills
skills/paulrberg/agent-skills/ls-lint/Gen Agent Trust Hub

ls-lint

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill provides a command to download a Linux binary (ls-lint-linux-amd64) directly from https://github.com/loeffel-io/ls-lint/releases/download/v2.3.1/ls-lint-linux-amd64. Since 'loeffel-io' is not a trusted organization according to defined security protocols, this is treated as an unverifiable external download.
  • [REMOTE_CODE_EXECUTION] (HIGH): The installation instructions follow a 'download then execute' pattern. Executing binaries from untrusted sources can lead to remote code execution if the source repository or the build process is compromised.
  • [COMMAND_EXECUTION] (MEDIUM): The skill instructs the user to run chmod +x ls-lint on the newly downloaded file. Granting execution privileges to files retrieved from external network sources is a privilege escalation risk.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 05:59 PM