github-actions
Fail
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs users to install the 'act' utility on Linux by piping a script from a remote URL (https://raw.githubusercontent.com/nektos/act/master/install.sh) directly into bash. This pattern executes unverified remote code without allowing for integrity checks or review.
- [COMMAND_EXECUTION]: The installation command for the 'act' utility uses 'sudo', granting root-level privileges to a script downloaded from an external repository. This significantly increases the potential damage if the remote source is compromised or malicious.
- [REMOTE_CODE_EXECUTION]: The skill promotes the installation of 'actionlint' using 'go install' from an external repository (github.com/rhysd/actionlint). While common for Go developers, fetching and executing code from non-verified third-party repositories presents a supply chain risk.
Recommendations
- AI detected serious security threats