add-skill
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFENO_CODEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill package contains no executable scripts, configuration files (like package.json or requirements.txt), or binary assets. It consists entirely of documentation and metadata in the
SKILL.mdfile. - [EXTERNAL_DOWNLOADS]: The skill description specifies its primary purpose is to facilitate downloading agent skills from "arbitrary GitHub repos." This identifies an external download capability inherent to the tool the skill wraps.
- [REMOTE_CODE_EXECUTION]: The intended functionality involves installing and running third-party code from the internet. While the skill itself provides no code to perform these actions, the capability it describes represents a potential vector for remote code execution if used with untrusted sources.
- [PROMPT_INJECTION]: The skill defines a surface for the ingestion of external instructions by facilitating the installation of third-party skills.
- Ingestion points: GitHub repositories specified by the user or agent at runtime.
- Boundary markers: None are defined in the skill's metadata to differentiate between trusted and untrusted inputs.
- Capability inventory: The skill facilitates the installation of additional functional capabilities (skills) into the agent's environment.
- Sanitization: No sanitization or validation logic is present in this documentation-only skill package.
Audit Metadata