find-skills
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill facilitates the installation and execution of external code packages from remote sources. Evidence: The instruction to use 'npx skills add owner/repo@skill -g -y' allows the agent to download and run software from GitHub repositories.
- [EXTERNAL_DOWNLOADS]: Fetches content and executable packages from external registries and code hosting platforms. Evidence: The skill interacts with 'skills.sh' and GitHub to download modular tools.
- [COMMAND_EXECUTION]: The skill performs operations by executing shell commands directly. Evidence: Uses 'npx skills' for searching, adding, checking, and updating functionality.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection from untrusted external data.
  1. Ingestion points: Skill descriptions and metadata returned from 'npx skills find' in the SKILL.md file.
  2. Boundary markers: Absent; there are no instructions to delimit search results from agent instructions.
  3. Capability inventory: Access to subprocess execution via 'npx skills add' across all search contexts.
  4. Sanitization: None implemented to filter or escape content from the skills registry.