skills/rexleimo/rex-cli/find-skills/Gen Agent Trust Hub

find-skills

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill connects to https://skills.sh/ to retrieve metadata and can download package content from various GitHub repositories.
  • [REMOTE_CODE_EXECUTION]: Uses the npx skills add command to install and execute external skill modules. The instructions advocate for using the -y flag, which allows for installation and execution without interactive user confirmation.
  • [COMMAND_EXECUTION]: Executes shell-based CLI commands (npx skills find, add, check, update) to manage the local agent environment.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by processing untrusted metadata from a public registry.
    • Ingestion points: Metadata and descriptions returned by the npx skills find command (SKILL.md).
    • Boundary markers: Absent; there are no clear delimiters or instructions for the agent to ignore potentially malicious content within skill descriptions.
    • Capability inventory: The skill has the capability to modify the agent's environment by adding or updating executable code via npx skills (SKILL.md).
    • Sanitization: There is no evidence of sanitization or validation of the text retrieved from the external registry before it is parsed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 02:02 AM