agent-creator

Warn

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: MEDIUM
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes code templates for both TypeScript and Python that use the npx command to fetch and execute external code at runtime.
  • Evidence: The configuration snippets for mcpServers include the command npx claude-flow@alpha mcp start. The package is retrieved from the public NPM registry each time the server starts, and @alpha is a dist-tag rather than a fixed version, so the code that runs is whatever the maintainer most recently tagged; the package is not associated with a known trusted organization.
  • [COMMAND_EXECUTION]: The skill instructs the creation of agents equipped with high-impact tools and recommends permission settings that remove human-in-the-loop oversight.
  • Evidence: The SDK implementation examples explicitly list Bash and Write in the allowedTools array.
  • Evidence: The agent-creator-process.dot file highlights a bypassPermissions mode described as "Auto-approve all," which poses a significant risk of unauthorized command execution if the agent is compromised or follows a malicious prompt.
  • [REMOTE_CODE_EXECUTION]: The framework encourages a pattern of "reverse engineering" and executing remote scripts as part of its "Phase 4: Deep Technical Enhancement."
  • Evidence: Integrating the claude-flow MCP server via npx amounts to remote code execution: the server's code is fetched from the registry and executed on the local machine, and the agent depends on it for its core capabilities.
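The three findings above can be checked mechanically before a skill is installed. The script below is an added example written for this page, not code from the Gen Agent Trust Hub or from the agent-creator skill. It assumes the mcpServers JSON layout used by Claude Desktop and Claude Code (an entry with command and args), assumes the SDK options are a dict carrying allowedTools and permissionMode, and runs over constructed sample configs; the version 1.2.3 in the pinned sample is hypothetical, not a real claude-flow release.

```python
"""Offline lint for the three audit findings. Added example, not part of the
Gen Agent Trust Hub report or the agent-creator skill.

Assumed input shapes (not stated on the page):
  * MCP servers: a JSON object with a top-level "mcpServers" map whose entries
    carry "command" and "args" (the Claude Desktop / Claude Code layout).
  * SDK options: a dict with "allowedTools" (list of tool names) and
    "permissionMode", which can be set to "bypassPermissions".
All sample inputs below are constructed for illustration.
"""
import re

# npm package spec: optional @scope/, name, optional @tag-or-version.
_PKG_SPEC = re.compile(r"^(?P<name>(?:@[^/@]+/)?[^@/]+)(?:@(?P<spec>.+))?$")
# Only a bare exact version pins what npx will download. Ranges (^, ~, >=)
# and dist-tags (alpha, latest, next) resolve to whatever the registry
# currently points at, so the code can change between runs.
_EXACT_SEMVER = re.compile(r"^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?$")

# Tools the audit names as high impact; extend to taste.
HIGH_IMPACT_TOOLS = {"Bash", "Write"}


def npx_package(command, args):
    """Return (name, spec) for `npx [flags] <pkg>[@spec] ...`, else None.

    Flags such as -y/--yes are skipped; the first non-flag argument is the
    package npx fetches from the registry before running it.
    """
    if command.rsplit("/", 1)[-1] != "npx":
        return None
    for arg in args:
        if arg.startswith("-"):
            continue
        m = _PKG_SPEC.match(arg)
        return (m.group("name"), m.group("spec")) if m else None
    return None


def is_pinned(spec):
    """True only for an exact version such as 1.2.3 or 1.2.3-rc.1."""
    return bool(spec) and _EXACT_SEMVER.match(spec) is not None


def audit_mcp_servers(config):
    """EXTERNAL_DOWNLOADS: every npx-launched server is code fetched at
    runtime. Report each one and record whether the spec is at least pinned."""
    findings = []
    for server, entry in config.get("mcpServers", {}).items():
        pkg = npx_package(entry.get("command", ""), entry.get("args", []))
        if pkg is None:
            continue
        name, spec = pkg
        findings.append({
            "category": "EXTERNAL_DOWNLOADS",
            "server": server,
            "package": name,
            "spec": spec or "latest",  # no spec means the latest dist-tag
            "pinned": is_pinned(spec),
        })
    return findings


def audit_sdk_options(options):
    """COMMAND_EXECUTION: high-impact tools granted, and the permission mode
    that removes the human approval step."""
    findings = []
    granted = sorted(HIGH_IMPACT_TOOLS & set(options.get("allowedTools", [])))
    if granted:
        findings.append({"category": "COMMAND_EXECUTION",
                         "detail": "allowedTools grants " + ", ".join(granted)})
    if options.get("permissionMode") == "bypassPermissions":
        findings.append({"category": "COMMAND_EXECUTION",
                         "detail": "permissionMode=bypassPermissions auto-approves every tool call"})
    return findings


# Constructed samples: the pattern the audit describes, and a pinned variant
# (1.2.3 is a hypothetical version, not a real claude-flow release).
RISKY_CONFIG = {"mcpServers": {"claude-flow": {
    "command": "npx", "args": ["-y", "claude-flow@alpha", "mcp", "start"]}}}
PINNED_CONFIG = {"mcpServers": {"claude-flow": {
    "command": "npx", "args": ["-y", "claude-flow@1.2.3", "mcp", "start"]}}}
RISKY_OPTIONS = {"allowedTools": ["Read", "Bash", "Write"],
                 "permissionMode": "bypassPermissions"}
SAFER_OPTIONS = {"allowedTools": ["Read", "Grep"], "permissionMode": "default"}

if __name__ == "__main__":
    for finding in audit_mcp_servers(RISKY_CONFIG) + audit_sdk_options(RISKY_OPTIONS):
        print(finding)
```

Pinning an exact version only removes the moving target that a dist-tag such as @alpha creates; it does not change the fact that the server is still downloaded and executed at startup, which is why the checker reports every npx-launched server and only annotates whether it is pinned. Provenance of the package (who publishes it, whether it has been reviewed) still has to be established separately, for example by vendoring the server or installing it from an internal registry.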
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 2, 2026, 07:18 AM