beads-task-tracker
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- Remote Code Execution (CRITICAL): Automated scans detected an installation command that pipes a remote script from an untrusted repository into bash. Evidence: curl -fsSL https://raw.githubusercontent.com/steveyegge/beads/main/scripts/install.sh | bash. This allows the repository owner to execute arbitrary code on the system.
- External Downloads (HIGH): The skill downloads code from a repository (steveyegge/beads) that is not on the trusted organizations list. Source: https://raw.githubusercontent.com/steveyegge/beads/main/scripts/install.sh.
- Prompt Injection (LOW): The skill contains an indirect prompt injection surface through data ingestion commands. (1) Ingestion point: bd create -f [file] in references/quick-reference.md. (2) Boundary markers: Absent. (3) Capability inventory: Full set of bd tool commands, including task management, dependency tracking, and export/import. (4) Sanitization: Not specified or documented in the reference.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/steveyegge/beads/main/scripts/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata