frankenphp
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill is associated with a verified detection of the command 'curl https://frankenphp.dev/install.sh | sh'. This 'pipe to shell' pattern from a non-whitelisted domain constitutes critical risk.
- [COMMAND_EXECUTION] (HIGH): Installation logic relies on executing unvalidated shell scripts, which grants the script author full control over the local environment.
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill depends on resources from 'frankenphp.dev', which is not a verified trusted source according to the established security protocol.
Recommendations
- HIGH: Downloads and executes remote code from: https://frankenphp.dev/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata