gemini-chat
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS
Full Analysis
- [Remote Code Execution] (HIGH): The skill contains instructions to execute remote code via `curl -sSL https://canifi.com/skills/gemini-chat/install.sh | bash`. Piped remote execution is a high-risk pattern that allows an untrusted third party to execute arbitrary commands on the host system without prior review.
- [External Downloads] (HIGH): The skill relies on scripts hosted at `canifi.com`, which is not a trusted source according to security guidelines. This includes both the skill installer and the `canifi-env` setup utility.
- [Credentials Unsafe] (HIGH): The documentation requests users to input sensitive information, including `GOOGLE_EMAIL` and `SERVICE_PASSWORD`, into the `canifi-env` tool. Since the tool itself is installed via an untrusted remote script, there is no guarantee that these credentials are kept local or secure.
- [Command Execution] (HIGH): The installation process involves direct shell command execution of unverified scripts, providing a significant attack surface for persistence or privilege escalation.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/install.sh, https://canifi.com/skills/gemini-chat/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata