find-skills
Warn
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
npx skillsCLI tool to perform various shell commands, includingfind,add,check, andupdate. - Evidence:
npx skills find [query],npx skills add <package> -g -y. - [EXTERNAL_DOWNLOADS]: The skill is designed to fetch and install packages from external sources like GitHub.
- Evidence:
npx skills add <package>downloads modular packages from the open agent skills ecosystem. - [REMOTE_CODE_EXECUTION]: Installing external skills via
npx skills addinvolves downloading code that is subsequently executed within the agent's environment. - Evidence: The installation process adds specialized knowledge, workflows, and tools from third-party repositories.
- [SAFE]: The skill includes explicit instructions for the agent to verify the quality and reputation of a skill (e.g., checking install counts, official sources like
vercel-labsoranthropics, and GitHub stars) before recommending or installing it. - Evidence: Step 4: Verify Quality Before Recommending guidelines.
Audit Metadata