Skills
skills/terminalskills/skills/xray/Gen Agent Trust Hub

xray

Fail

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses the command bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" to install software. This pattern fetches and executes code from a third-party source without integrity verification, which is a high-risk security practice.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute high-privilege system commands including systemctl for service management, apt for package installation, and ufw for firewall configuration. These commands modify system configuration and security settings.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to GitHub to download an installation script and interacts with Let's Encrypt via certbot to manage TLS certificates, which involves writing to protected system directories.
Recommendations
  • HIGH: Downloads and executes remote code from: https://github.com/XTLS/Xray-install/raw/main/install-release.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 29, 2026, 07:10 AM