skill-installer
Fail
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill requires the agent to execute a local Python script (
install_skill.py) to manage installations and detect system harnesses. This script performs direct filesystem operations on the host device.\n- [EXTERNAL_DOWNLOADS] (HIGH): The 'catalog' feature utilizes therequestslibrary to fetch and download skills from remote sources. If the sources are not strictly whitelisted, this allows for the retrieval and installation of arbitrary malicious code.\n- [REMOTE_CODE_EXECUTION] (HIGH): By placing scripts into directories like~/.claude/skills/or~/.config/goose/skills/, the skill enables a persistent vector for code execution. Any 'skill' installed via this tool can execute with the same permissions as the AI agent itself.
Recommendations
- AI detected serious security threats
Audit Metadata