find-skills
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing shell commands via the npx utility to interact with the Skills CLI. Evidence: Commands like npx skills find, npx skills add, npx skills check, and npx skills update are used to manage agent capabilities.
- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading code packages from external repositories. Evidence: The npx skills add command is designed to fetch and install content from GitHub or other external sources.
- [REMOTE_CODE_EXECUTION]: Installation of new skills can lead to the execution of code from remote sources. Evidence: The agent is instructed to use the -y flag, which automatically accepts installation prompts and allows for the silent execution of code from the downloaded packages.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Ingestion points: User-provided search queries and repository identifiers. Boundary markers: No delimiters or warnings are used to distinguish user data from system instructions. Capability inventory: The skill allows the agent to execute shell commands and install packages globally. Sanitization: No filtering or validation of repository sources is performed.
Audit Metadata