qwencloud-model-selector

Warn

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands and Python scripts. This includes running check_update.py from a sibling directory and gossamer.py from a local scripts directory not present in the bundle. It also directs the agent to scan filesystem paths including ~/.claude and ~/.agent.
  • [REMOTE_CODE_EXECUTION]: The 'Update Check' routine utilizes npx skills add to download and execute software from a remote repository, introducing the risk of executing unverified external code.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the downloading of additional components (specifically qwencloud-update-check) from the NPM registry when prompted for updates.
  • [PROMPT_INJECTION]: The SKILL.md file contains several authoritative and mandatory instructions (e.g., '🚨 NEVER fabricate', 'MANDATORY Post-Execution', 'CRITICAL — NO EXCEPTIONS') that enforce specific behavioral constraints and disclaimers, which are designed to override the agent's default processing logic.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 30, 2026, 03:04 AM