fathom
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The skill instructs users to install software by piping a remote script from an untrusted source directly into the bash shell (curl -sSL https://canifi.com/skills/fathom/install.sh | bash). This allows the remote server to execute arbitrary commands on the user's host machine with the user's current privileges.
- [EXTERNAL_DOWNLOADS] (HIGH): The setup instructions require downloading and executing an additional script (https://canifi.com/install.sh) from an untrusted domain that is not part of the established safe repositories or organizations.
- [CREDENTIALS_UNSAFE] (MEDIUM): The skill requests the user's email and password (FATHOM_EMAIL, FATHOM_PASSWORD) for use in browser automation. While the skill claims these are stored locally, the combination of manual credential entry and the use of unverified installation scripts creates a significant risk of credential theft.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/install.sh, https://canifi.com/skills/fathom/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata