find-skills
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses the
npx skillsCLI to perform searches and manage the installation of agent extensions. - [EXTERNAL_DOWNLOADS]: Facilitates the installation of code from third-party repositories, such as GitHub, using the
npx skills addcommand. - [EXTERNAL_DOWNLOADS]: References official skill sets from well-known and established organizations like Vercel Labs and Anthropic.
- [PROMPT_INJECTION]: Presents an indirect prompt injection attack surface where metadata or descriptions from untrusted third-party skills could be ingested by the agent during search operations.
- Ingestion points: External skill metadata retrieved via the
npx skills findcommand (SKILL.md). - Boundary markers: Not present; the agent processes third-party search results directly for presentation to the user.
- Capability inventory: Execution of shell commands via the
npx skillsCLI suite. - Sanitization: Includes procedural checks for the agent to verify the reputation of skills (e.g., install counts and repository stars) before recommending or performing installations.
Audit Metadata