pixel-agents-vscode
Warn
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: MEDIUM
Findings: PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill promotes the use of the `--dangerously-skip-permissions` flag for AI agents, which disables the human-in-the-loop requirement for tool usage. This allows agents to autonomously perform high-risk actions like executing shell commands or modifying system files without user approval.
- [DATA_EXFILTRATION]: The extension monitors and reads the `.claude/projects/` directory to access `transcript.jsonl` files. These files contain the complete history of agent interactions, command outputs, and internal reasoning, which represents a significant exposure of sensitive data.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing a third-party VS Code extension and cloning code from a GitHub repository (github.com/pablodelucca/pixel-agents.git).
- [COMMAND_EXECUTION]: The extension executes various shell commands to install the Claude Code CLI and manage multiple agent sessions within the VS Code environment.
- [REMOTE_CODE_EXECUTION]: The extension supports loading "External Asset Directories" that include JSON manifests. The dynamic loading and parsing of these external configuration files could be exploited to manipulate extension behavior if the inputs are not strictly validated.
Audit Metadata