try-unblocked
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill executes a remote script from an untrusted source by piping a curl command directly to bash (curl -fsSL https://getunblocked.com/install.sh | bash). This is a high-risk pattern as it executes unverified code with system privileges from a domain not present in the trusted source list.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill initiates a download from getunblocked.com, which is not a verified trusted organization per the security guidelines.
- COMMAND_EXECUTION (LOW): The skill executes several shell commands (which, unblocked help, unblocked auth) to check the environment state and configure local tools.
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface. The skill is designed to ingest data from external sources such as Slack, Jira, and GitHub PRs to provide engineering context. Evidence Chain: 1. Ingestion point: Context retrieval via the Unblocked CLI/MCP server. 2. Boundary markers: The 'Agent Behavior Contract' requires explicit user approval before executing actions, mitigating accidental obedience. 3. Capability inventory: Command execution and browser interaction capabilities. 4. Sanitization: No sanitization or escaping of the external data is specified in the provided scripts.
Recommendations
- HIGH: Downloads and executes remote code from: https://getunblocked.com/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata