nix
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The documentation in
references/nix-darwin.mdsuggests installing the Nix package manager by piping a remote script directly to the shell (curl | sh) fromhttps://install.determinate.systems/nix. This is a high-risk practice for arbitrary code execution from a non-whitelisted domain. - EXTERNAL_DOWNLOADS (HIGH): The skill relies on external downloads from GitHub repositories (
NixOS/nixpkgs,nix-community/home-manager) and third-party services likecachix.org. These sources are not on the trusted source whitelist. - COMMAND_EXECUTION (MEDIUM): The instructions frequently require
sudofor system configuration and useshellHookinmkShellto execute arbitrary commands upon environment activation.
Recommendations
- AI detected serious security threats
Audit Metadata