ui-ux-pro-max
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill repeatedly instructs the agent to execute a local script, .claude/skills/ui-ux-pro-max/scripts/search.py, while interpolating user-provided keywords directly into the shell command string. A malicious user could provide a keyword such as "; rm -rf /; #" to execute arbitrary commands on the host system.
- COMMAND_EXECUTION (HIGH): The skill contains instructions to execute "sudo apt update && sudo apt install python3". Executing commands with sudo (superuser) privileges is a high-risk activity that grants the skill full control over the operating system.
- REMOTE_CODE_EXECUTION (MEDIUM): The skill relies on an external/local script (search.py) that is not provided in the source file. The behavior of this script is unverifiable, and the agent is instructed to run it with various parameters.
- INDIRECT_PROMPT_INJECTION (HIGH): The skill has a high-capability ingestion surface. It takes untrusted user input (product types, keywords) and uses it to construct shell commands. No boundary markers or sanitization logic are mentioned that would prevent the agent from being coerced into executing malicious shell code.
Recommendations
- AI detected serious security threats
Audit Metadata