nak
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The automated scan detected a pattern where a script is downloaded from
https://raw.githubusercontent.com/fiatjaf/nak/master/install.shand executed locally. This allows an unverified third party to run arbitrary commands on the system. - EXTERNAL_DOWNLOADS (HIGH): The skill utilizes
curlto fetch executable content from a non-trusted repository (fiatjaf/nak), which falls outside the scope of allowed trusted organizations and repositories.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://raw.githubusercontent.com/fiatjaf/nak/master/install.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata