find-skills
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the discovery and installation of external code via the
npx skills addcommand. This involves downloading third-party repositories to the local environment. - [COMMAND_EXECUTION]: The skill utilizes shell commands (
npx skills find,npx skills add,npx skills update) to interact with the skill ecosystem. These commands are part of the tool's core functionality for managing extensions. - [DATA_EXFILTRATION]: The skill performs network operations to search for and download skills from external registries and GitHub repositories. It specifically mentions
skills.shas a leaderboard source. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted descriptions of external skills found during searches.
- Ingestion points: Search results from
npx skills find <query>and metadata from external repositories. - Boundary markers: The skill provides a response template but does not explicitly instruct the agent to ignore instructions embedded within the skill descriptions it retrieves.
- Capability inventory: The agent has the ability to write to the local filesystem and install/execute code via
npx skills add. - Sanitization: The skill includes high-level instructions for the agent to manually verify the 'Quality Thresholds' (e.g., star count, author reputation) before recommending or installing a skill.
Audit Metadata