grepai-ollama-setup
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH; REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (HIGH): The skill provides instructions for Linux users to run 'curl -fsSL https://ollama.com/install.sh | sh'. This piped-to-shell pattern is a critical execution risk because it runs unverified code from the internet. It is classified as HIGH here rather than CRITICAL because it is the primary, documented installation method for the legitimate tool the skill is designed to set up.
- Privilege Escalation (MEDIUM): The skill includes commands that require 'sudo' for administrative tasks like enabling systemd services. This is a medium risk finding as it is associated with the primary setup purpose.
- Persistence Mechanisms (MEDIUM): The use of 'systemctl enable' to ensure Ollama runs in the background at startup is a persistence mechanism. It is downgraded to medium risk because it is necessary for the skill's functionality.
- External Downloads (LOW): The skill involves downloading binary installers and large model files from ollama.com, which is an external source not included in the trusted whitelist.
- Command Execution (HIGH): Multiple shell commands are executed for installation, service control, and local API verification, which could be exploited if the inputs were manipulated.
Recommendations
- HIGH: Downloads and executes remote code from: https://ollama.com/install.sh - DO NOT USE without thorough review
- AI detected serious security threats