sketch
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE)
Full Analysis
- Remote Code Execution (CRITICAL): The skill explicitly commands the user to run `curl -sSL https://canifi.com/skills/sketch/install.sh | bash`. This allows an untrusted third party (canifi.com) to execute arbitrary code on the user's system with shell privileges.
- External Downloads (HIGH): The skill relies on multiple scripts from a non-trusted external source (`canifi.com`). Per security guidelines, only specific repositories (e.g., Vercel, Anthropic, Google) are considered trusted; this source is unknown and risky.
- Credentials Unsafe (HIGH): The documentation instructs users to set `SKETCH_PASSWORD` as an environment variable via `canifi-env`. Storing secrets in environment variables is a common security anti-pattern as they are often logged or exposed to other processes.
- Data Exposure (MEDIUM): The authentication flow mentions handling 2FA via iMessage. This suggests the skill or its associated tools may attempt to read the user's private macOS message database (`chat.db`), presenting a significant privacy risk.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/install.sh, https://canifi.com/skills/sketch/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata