skill-manager
Fail
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation promotes a high-risk execution pattern by instructing users to pipe remote content directly into shell interpreters (e.g.,
curl | bashandcurl | python). These scripts are hosted on a personal GitHub account rather than a verified or trusted organization. - [EXTERNAL_DOWNLOADS]: The skill requires downloading several external files, including
quick-install.sh,quick-install.bat, andinstall.py, from a remote GitHub repository to function. - [COMMAND_EXECUTION]: The installation and management workflows rely on executing local shell commands such as
git clone,mkdir,cp, andpython install.py, which are used to manipulate the local file system and environment. - [PROMPT_INJECTION]: The skill registry includes sub-skills specifically designed to evade AI detection (e.g., 'humanizer' and 'brief-write'). These skills contain rules such as 'anti-detection.md' and 'ai-patterns-avoid.md' intended to bypass automated monitoring and safety filters by masking AI-generated content patterns.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/cycleuser/Skills/main/quick-install.sh, https://raw.githubusercontent.com/cycleuser/Skills/main/install.py - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata