confighub-usage-guide
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): Automated scanning detected the command
curl -fsSL https://hub.confighub.com/cub/install.sh | bash. This represents a high-severity risk of arbitrary code execution because it fetches and runs a script directly from an untrusted third-party server without any integrity checks. - External Downloads (HIGH): The skill targets
confighub.com, which is not on the list of trusted repositories or organizations, making the script source unverified and potentially malicious.
Recommendations
- HIGH: Downloads and executes remote code from: https://hub.confighub.com/cub/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata