agent-tui
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (CRITICAL): The skill performs remote script execution using a piped command.
- Evidence: curl -fsSL https://raw.githubusercontent.com/pproenca/agent-tui/master/install.sh | sh.
- Risk: Executing code directly from the internet via shell pipe (curl|sh) is extremely dangerous as it bypasses local inspection and allows the remote host to run arbitrary commands. The source repository 'pproenca/agent-tui' is not a trusted entity in the defined security scope, posing a high risk of system compromise.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://raw.githubusercontent.com/pproenca/agent-tui/master/install.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata