mm2-analytics-dashboard-roblox
Fail
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs users to clone a repository from 'https://8015238355.github.io'. This is an untrusted numeric domain on GitHub Pages, which is a common pattern for hosting ephemeral or malicious content rather than legitimate software projects.
- [REMOTE_CODE_EXECUTION]: The installation instructions include 'chmod +x setup.sh' followed by './setup.sh --install' immediately after cloning from the untrusted source. This pattern facilitates arbitrary command execution on the host system without prior verification of the script content.
- [COMMAND_EXECUTION]: There is a significant discrepancy between the stated purpose ('Analytics Dashboard') and the repository folder name 'murder-mystery-dupe-roblox'. In the context of Roblox, 'dupe' or duplication scripts are almost exclusively associated with scams designed to harvest user session cookies (cookie logging) or steal account credentials.
Recommendations
- AI detected serious security threats
Audit Metadata