validate-skill

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill uses bunx @plaited/development-skills to fetch code from the npm registry. The @plaited organization is not a recognized trusted source, making the dependency unverifiable.
  • REMOTE_CODE_EXECUTION (HIGH): The use of bunx to execute an unverified third-party package allows for arbitrary code execution on the host machine at runtime.
  • INDIRECT PROMPT_INJECTION (HIGH): The skill has a high-risk attack surface as it is intended to process untrusted data (specifically for "Reviewing PRs").
      • Ingestion points: The [paths...] argument in SKILL.md allows the agent to ingest arbitrary directories.
      • Boundary markers: None identified. There are no instructions to the agent to ignore embedded commands or instructions within the validated files.
      • Capability inventory: The skill has Bash access and executes code via bunx (File: SKILL.md).
      • Sanitization: No evidence of input validation or sanitization is present in the skill's instructions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:43 AM