dev-swarm-install-ai-code-agent
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Fetches and executes installation scripts from trusted domains including claude.ai and gh.io.
- [COMMAND_EXECUTION]: Executes commands via system package managers like npm, brew, and winget to install software packages.
- [PROMPT_INJECTION]: Contains a potential surface for indirect prompt injection through web searches for 'other' AI agents.
- Ingestion points: Web search results for installation instructions (SKILL.md, Step 1).
- Boundary markers: Absent for untrusted external content.
- Capability inventory: Shell command execution via the Bash tool (SKILL.md, Step 4).
- Sanitization: No explicit validation or sanitization of search-derived instructions before execution.
Audit Metadata