tessl-skill-review
Fail
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to install a third-party tool using the command
curl -fsSL https://get.tessl.io | sh. This is a high-risk pattern that executes a remote script with shell privileges without verification or integrity checks. - [COMMAND_EXECUTION]: The file
scripts/review.shis a bash script included in the skill that facilitates the execution of external binaries and the potential installation of remote code via the shell. - [EXTERNAL_DOWNLOADS]: The skill performs network requests to
get.tessl.ioto retrieve executable content. The source is not a recognized trusted vendor or well-known service infrastructure. - [PROMPT_INJECTION]: The skill is designed to ingest and analyze external
SKILL.mdfiles or directories. This represents a surface for indirect prompt injection where malicious instructions embedded in the analyzed data could influence the agent's behavior during the review process. - Ingestion points:
SKILL.mdand local file paths processed by thetessl skill reviewcommand. - Boundary markers: None identified in the prompt instructions to isolate data from commands.
- Capability inventory: The agent has the ability to execute shell commands and access the local file system.
- Sanitization: No evidence of input validation or sanitization before processing external skill files.
Recommendations
- HIGH: Downloads and executes remote code from: https://get.tessl.io - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata