Skills
skills/quick-brown-foxxx/pyqt-agent-infra/qt-dev-tools-setup/Gen Agent Trust Hub

qt-dev-tools-setup

Warn

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands for VM management and tool interaction using uvx, uv run, and virsh. This includes system-level network configuration via virsh and software installation via sudo apt-get in the virtual environment.
  • [EXTERNAL_DOWNLOADS]: Uses the uvx command to fetch and execute the qt-ai-dev-tools package from external registries. This tool is an unverifiable third-party dependency not associated with a known trusted vendor.
  • [REMOTE_CODE_EXECUTION]: Provides a self-update feature that downloads and replaces local toolkit source code from a remote source, which can result in the execution of unverified logic.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 7, 2026, 10:19 PM