grepai-installation
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill contains commands that download and immediately execute code from a remote, untrusted URL without verification. Evidence: 'curl -sSL https://raw.githubusercontent.com/yoanbernabeu/grepai/main/install.sh | sh' and 'irm https://raw.githubusercontent.com/yoanbernabeu/grepai/main/install.ps1 | iex'. This allows the repository owner to execute arbitrary code on the user's host machine.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill references multiple external software sources (custom Homebrew tap, Git repository) controlled by an untrusted user ('yoanbernabeu') who is not on the established list of trusted organizations.
- [COMMAND_EXECUTION] (HIGH): Several instructions require elevated privileges, including the use of 'sudo' for file operations and recommendations for PowerShell Admin mode. Granting such permissions to processes originating from untrusted remote sources is a critical security risk.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/yoanbernabeu/grepai/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata