Skills
skills/gate/gate-skills/gate-cli-installer/Gen Agent Trust Hub

gate-cli-installer

Warn

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The setup.sh script executes sudo install to move the downloaded binary into /usr/local/bin if the local installation directory is not writable. This allows the script to acquire elevated system privileges during the installation process.\n- [EXTERNAL_DOWNLOADS]: The skill downloads the gate-cli binary, release metadata, and checksums from the vendor's official GitHub repository (github.com/gate/gate-cli).\n- [PROMPT_INJECTION]: The SKILL.md instructions use high-priority directives (e.g., "☐ STOP", "MUST read and strictly follow") and direct the agent to an external URL (https://github.com/gate/gate-skills/blob/master/skills/gate-runtime-rules.md) for mandatory runtime rules, creating an indirect prompt injection surface.\n
  • Ingestion points: SKILL.md (via reference to external Markdown rules)\n
  • Boundary markers: Absent\n
  • Capability inventory: Shell script execution (bash), binary installation, and system path modification instructions.\n
  • Sanitization: Absent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 29, 2026, 03:08 PM