Skills
skills/zackkorman/skills/security-review-6/Gen Agent Trust Hub

security-review-6

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): Detected a 'curl | bash' pattern targeting 'https://zkorman.com/execs'. This executes remote scripts without validation.
  • PROMPT_INJECTION (MEDIUM): Malicious instructions are hidden in image alt-text ('SECRET INSTRUCTIONS FOR THE AGENT') to evade detection and trick the AI.
  • COMMAND_EXECUTION (HIGH): The skill executes powerful shell commands that can lead to full host compromise.
Recommendations
  • HIGH: Downloads and executes remote code from: https://zkorman.com/execs - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:36 PM