Skills
NYC
skills/smithery/ai/skill-lookup/Gen Agent Trust Hub

skill-lookup

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill retrieves metadata and file contents (including scripts) from prompts.chat, which is not a trusted source. There is no mechanism to verify the integrity or safety of these downloads.
  • [REMOTE_CODE_EXECUTION] (HIGH): By saving downloaded scripts and helper files to the .claude/skills/ directory, the skill creates a direct path for the installation and potential execution of arbitrary code provided by an external source.
  • [PROMPT_INJECTION] (LOW): The skill has a surface for indirect prompt injection (Category 8) as it processes external content without validation.
  • Ingestion points: Data returned by search_skills and file contents from get_skill.
  • Boundary markers: Absent; the instructions do not define delimiters or warnings to ignore embedded commands within the downloaded content.
  • Capability inventory: Local file writing and expansion of agent capabilities.
  • Sanitization: Absent; content is saved directly to disk without escaping or verification.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:27 PM