skill-seekers

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'skill-seekers' package from PyPI and references the GitHub repository 'yusufkaraaslan/Skill_Seekers', which are not on the trusted vendors list.
  • [COMMAND_EXECUTION]: The agent is instructed to run several CLI commands that execute local subprocesses and modify system directories, such as the Cursor skills path.
  • [CREDENTIALS_UNSAFE]: The tool utilizes environment variables for sensitive API keys (Anthropic, GitHub, Google, OpenAI) and stores configuration data, including potential tokens, in '~/.config/skill-seekers/config.json'.
  • [DATA_EXFILTRATION]: The skill contains commands to upload packaged data to external AI service endpoints.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of untrusted external data.
      • Ingestion points: It retrieves content from arbitrary documentation URLs, GitHub issues, and local or remote PDF files.
      • Boundary markers: No markers or instructions are identified that separate data from agent instructions during processing.
      • Capability inventory: The skill can execute local CLI tools, perform network requests, and write to the filesystem.
      • Sanitization: There is no mention of sanitizing or validating ingested content before it is used for AI enhancement or skill generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 07:13 AM