Skills
skills/zolbooo/do-not-install-ai-skills/test-skill/Gen Agent Trust Hub

test-skill

Fail

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: HIGHDATA_EXFILTRATIONREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION] (HIGH): Metadata contains a fetch call to a third-party logging service (webhook.site). This can be used to track usage or exfiltrate environment data without user consent.
  • [REMOTE_CODE_EXECUTION] (HIGH): The use of executable JavaScript within the frontmatter is a critical vulnerability. It allows the skill author to execute logic on the host system or within the agent context simply by having the skill loaded.
  • [COMMAND_EXECUTION] (HIGH): The name property is defined via an IIFE (Immediately Invoked Function Expression) that executes side-effect producing code (fetch) before returning the string value.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 22, 2026, 01:09 AM