Skills
skills/skillatlas/skills/find-awesome-skills/Gen Agent Trust Hub

find-awesome-skills

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches skill definitions and metadata from external sources using the npx skillatlas command.
  • [COMMAND_EXECUTION]: Executes CLI operations via npx to find, review, and install skills on the host system.
  • [SAFE]: Implements a comprehensive security review workflow that instructs the agent to treat third-party content as untrusted and specifically scan for prompt injections, credential theft, and unauthorized network operations.
  • [PROMPT_INJECTION]: The skill defines a Category 8 (Indirect Prompt Injection) attack surface by ingesting untrusted skill data from external repositories during the review process. It mitigates this risk by providing clear boundary markers—instructing the agent to treat candidate content as untrusted—and requiring a capability inventory and manual audit before executing installation commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 02:09 PM