skills/freekmurze/dotfiles/ui/Gen Agent Trust Hub

ui

Warn

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the tool mcp__uidotsh__uidotsh_fetch to retrieve content from a remote URI (uidotsh://ui).
  • [REMOTE_CODE_EXECUTION]: The skill is designed as a remote instruction stager. It explicitly instructs the agent to fetch content from an external source at runtime and treat that content as its primary instructions (SKILL.md). This architecture allows for the execution of arbitrary, unverified logic that is not present in the skill's source files, and it further encourages following recursive remote references (uidotsh://...).
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 08:41 AM
Security Audit — agent-trust-hub — ui