ui
Warn
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses the tool
mcp__uidotsh__uidotsh_fetchto retrieve content from a remote URI (uidotsh://ui). - [REMOTE_CODE_EXECUTION]: The skill is designed as a remote instruction stager. It explicitly instructs the agent to fetch content from an external source at runtime and treat that content as its primary instructions (
SKILL.md). This architecture allows for the execution of arbitrary, unverified logic that is not present in the skill's source files, and it further encourages following recursive remote references (uidotsh://...).
Audit Metadata