find-skills
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the `npx skills` command-line tool to interact with the skills ecosystem, performing tasks such as searching, checking for updates, and initializing new skills.
- [EXTERNAL_DOWNLOADS]: Facilitates the download of agent skills from external sources, including GitHub repositories and the npm registry, through the `npx skills add` command.
- [REMOTE_CODE_EXECUTION]: Provides functionality to install and execute third-party code. To mitigate risks, the instructions include a mandatory verification process (Step 4) that directs the agent to evaluate install counts, GitHub stars, and source reputation (favoring trusted entities like Vercel, Anthropic, and Microsoft) before recommending or installing a skill.
- [PROMPT_INJECTION]: An indirect prompt injection surface is present because the skill processes untrusted metadata (names, descriptions) from an external registry. Maliciously crafted skill descriptions could attempt to influence agent behavior during the discovery or presentation phase.
Audit Metadata