skills/compozy/skeeper/find-skills/Gen Agent Trust Hub

find-skills

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to interact with the system using the npx skills command-line interface for searching, checking, and updating skills.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the retrieval of external software packages from the skills.sh registry and GitHub. It references trusted repositories such as vercel-labs/agent-skills.
  • [REMOTE_CODE_EXECUTION]: By using the npx skills add command, the agent installs and activates third-party code modules. The documentation encourages the use of the -y flag, which skips confirmation prompts, enabling the silent installation of potentially untrusted remote code.
  • [PROMPT_INJECTION]: The skill takes user-provided descriptions of tasks and interpolates them into the npx skills find command. This creates a surface for indirect prompt injection or command injection if the user provides crafted input designed to escape the command string.
      • Ingestion points: User input describing desired tasks or skill requests (e.g., "how do I do X").
      • Boundary markers: None; the user's query is used directly as a command argument.
      • Capability inventory: Access to npx and shell execution for package management.
      • Sanitization: No explicit sanitization or input validation is prescribed for the search queries.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 11:08 AM