skills/ascend-ai-coding/awesome-ascend-skills/external-mindstudio-github-raw-fetch/Gen Agent Trust Hub
external-mindstudio-github-raw-fetch
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute
curlorcurl.execommands using templates that interpolate owner, repository, branch, and file path components. These components are derived from user-provided URLs or repository content, creating a surface for command injection if the inputs contain shell metacharacters. - [PROMPT_INJECTION]: The skill implements a 'docs router' mechanism that requires the agent to fetch and follow instructions from an untrusted external file (
agent_router.md) found within target repositories. This creates an indirect prompt injection surface where a malicious repository can provide routing rules designed to mislead the agent or influence its decision-making process. - [EXTERNAL_DOWNLOADS]: The skill fetches arbitrary text content and source code from
raw.githubusercontent.com. While GitHub is a well-known service, the skill downloads content from unverified third-party repositories which may contain malicious instructions or payloads intended for the agent to process.
Audit Metadata