contribute-skill
Warn
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use
GIT_SSL_NO_VERIFY=1for network operations in sandbox environments. - This environment variable disables SSL/TLS certificate validation for Git and GitHub CLI operations. This bypasses a critical security control, making the connection vulnerable to Man-in-the-Middle (MITM) attacks where an attacker could intercept credentials or inject malicious code during the push/pull process.
- [COMMAND_EXECUTION]: The skill interpolates the user-supplied
$ARGUMENTS(mapped toSKILL_NAME) directly into shell commands and file paths without sanitization. - Evidence:
WORKDIR="/tmp/claude-${UID_VAL}/contribute-${SKILL_NAME}-${TS}" - Evidence:
git switch -c "contribute/<SKILL_NAME>-${SLUG}" - A malicious argument containing shell metacharacters (e.g.,
;,&,|) or directory traversal sequences (e.g.,../../) could result in arbitrary command execution or unintended file system access. - [EXTERNAL_DOWNLOADS]: The skill uses
gh repo cloneto download code from external repositories. - While the skill includes a logic check to ensure the source starts with
Fandhe-AI/, the act of cloning remote content into a local environment for modification and execution carries inherent risks if the remote source is compromised. - [DATA_EXFILTRATION]: The skill is designed to copy local files from
.agents/skills/and push them to a remote GitHub repository. - Although this is the intended purpose and restricted to the vendor's organization, it represents a data transmission path from the local environment to an external service.
Audit Metadata