find-skills
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `npx skills` command to perform searches and manage the lifecycle of other agent skills.
- [REMOTE_CODE_EXECUTION]: Instructions are provided for the agent to install third-party code packages using `npx skills add`. While this involves executing remote code, the skill explicitly mandates a verification step to check installation counts and source reputation.
- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading configuration and code from external sources, specifically the skills.sh registry and GitHub repositories.
- [PROMPT_INJECTION]: The skill processes untrusted search results from an external registry, which represents a surface for indirect prompt injection.
  - Ingestion points: Output from `npx skills find [query]` is processed by the agent to make recommendations (SKILL.md).
  - Boundary markers: No explicit delimiters are specified for the search result output.
  - Capability inventory: Ability to execute shell commands (`npx skills add`) which can install and run external code.
  - Sanitization: Step 4 provides a mandatory manual verification protocol for the agent to validate the trustworthiness of external sources based on install metrics and vendor reputation.
Audit Metadata