Skills
skills/tkarakai/ai-agent-instruction-templates/load-template/Gen Agent Trust Hub

load-template

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • Remote Code Execution (HIGH): The skill executes a remote script via piped curl to bash from an untrusted GitHub repository (tkarakai/ai-agent-instruction-templates). This allows for arbitrary code execution on the user's system.
  • External Downloads (MEDIUM): The skill downloads instruction templates from a repository not listed as a trusted external source, bypassing standard security reviews.
  • Prompt Injection (LOW): The skill presents an attack surface for indirect prompt injection.
  • Ingestion points: Template files such as AGENTS.md and template.yaml are downloaded into the .agents/ directory.
  • Boundary markers: Absent. No delimiters or warnings are provided to the agent to disregard instructions within the downloaded content.
  • Capability inventory: The execution block in SKILL.md facilitates shell execution (bash) and network access (curl).
  • Sanitization: Absent. There is no evidence of validation or sanitization of the downloaded template content before processing.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:43 PM