oracle-soul-sync-calibrate-update

Fail

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: HIGH
Tags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [Unverifiable Dependencies & Remote Code Execution] (HIGH): The skill uses bunx to download and install code directly from a non-whitelisted GitHub repository (Soul-Brews-Studio/oracle-skills-cli). This repository is not part of the trusted organization list, making the execution of its contents high-risk.
  • Evidence: ~/.bun/bin/bunx --bun oracle-skills@github:Soul-Brews-Studio/oracle-skills-cli#$LATEST install -g -y
  • [Command Execution] (MEDIUM): The skill performs global package installations and uninstalls (-g flag), which modifies the system state beyond the agent's local environment.
  • Evidence: oracle-skills uninstall -g -y
  • [Indirect Prompt Injection] (LOW): The $LATEST variable is populated from an external API (api.github.com) and interpolated directly into a shell command without quoting or validation. An attacker with control over the repository's tags could inject shell metacharacters into a tag name and achieve command execution on the host when the install step runs.
  • Ingestion points: SKILL.md (via curl to GitHub API)
  • Boundary markers: None
  • Capability inventory: Shell execution via bunx, curl, and oracle-skills CLI
  • Sanitization: None detected; the version string is used directly in the shell script.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 20, 2026, 04:58 AM