find-skills
Warn
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill facilitates the installation and execution of remote code from external GitHub repositories using the 'npx skills add' command.
- [COMMAND_EXECUTION]: The skill executes shell commands using 'npx' to manage packages. It specifically instructs the agent to use the '-g' (global) and '-y' (skip confirmation) flags when installing skills, which allows for persistent system changes without direct user approval.
- [EXTERNAL_DOWNLOADS]: The skill downloads package metadata and content from 'https://skills.sh/' and remote repositories. It references well-known and reputable sources such as 'vercel-labs' and 'anthropics' for initial recommendations.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It ingests untrusted data from the 'npx skills find' command results. If a malicious skill author includes instructions in their skill's name or metadata, they could influence the agent's behavior during the discovery or installation process. The skill provides manual verification steps such as checking stars and install counts but lacks technical sanitization or boundary markers.
Audit Metadata