add-agent

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to interpolate user-provided arguments (e.g., agent names, package identifiers) directly into files that are later executed, such as build.sh, CLI scripts, and Dockerfiles. If the input is not validated before interpolation, a value containing shell metacharacters (`;`, `$(...)`, backticks, newlines) becomes command injection inside the generated scripts or the build environment.
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions to scaffold installation steps that include high-risk patterns, such as downloading and executing remote scripts via curl piped to a shell. This is a remote code execution vector if the source URLs are not strictly controlled and the fetched content is not verified (for example, against a pinned checksum) before it runs.
  • [EXTERNAL_DOWNLOADS]: The generated files (Dockerfiles and CI workflows) download dependencies from external registries including npm, GitHub, and PyPI. Fetching from these sources is inherent to the tool's purpose, but it is also a supply-chain dependency surface, particularly where versions are not pinned.
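The two controls a practitioner would want against the first two findings, as an added example (this is not code from the audited skill or from Gen Agent Trust Hub; the function names, the `agent-cli` command and the sample inputs are hypothetical): an allow-list check on the agent name before it is interpolated into a generated build line, and a download-then-verify-then-execute replacement for `curl | sh`.

```shell
#!/bin/sh
# Added example, not part of the audited skill. Names below are hypothetical.

# Accept only a safe identifier before it is interpolated into build.sh, a CLI
# script or a Dockerfile. The allow-list [A-Za-z0-9_.-] rejects $(...), backticks,
# ';', '|', whitespace and newlines; a leading '-' is rejected so the name cannot
# be parsed as a command-line flag.
valid_agent_name() {
    case "$1" in
        ''|-*) return 1 ;;             # empty, or looks like an option
        *[!A-Za-z0-9_.-]*) return 1 ;; # any character outside the allow-list
        *) return 0 ;;
    esac
}

# Emit a generated build.sh line only after validation, with the value
# single-quoted so the shell never interprets it even if the allow-list
# is later loosened.
render_build_line() {
    valid_agent_name "$1" || { echo "refusing unsafe agent name" >&2; return 1; }
    printf "agent-cli build --name '%s'\n" "$1"
}

# Portable SHA-256 of a file (sha256sum on Linux, shasum elsewhere).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Replacement for 'curl ... | sh': the caller downloads to a file first
# (e.g. curl -fsSL "$url" -o "$path"), then this function executes it only if
# its digest matches the value pinned in the generated script. On mismatch
# nothing is run.
run_verified_script() {
    script_path="$1"
    expected_sha256="$2"
    actual_sha256=$(file_sha256 "$script_path")
    if [ "$actual_sha256" != "$expected_sha256" ]; then
        echo "digest mismatch for $script_path, not executing" >&2
        return 1
    fi
    sh "$script_path"
}
```

In a generated Dockerfile the same idea is `RUN curl -fsSL <url> -o install.sh && echo "<sha256>  install.sh" | sha256sum -c - && sh install.sh`, with the digest committed alongside the URL so a changed upstream script fails the build instead of running.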
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 02:41 PM