Skills
skills/housegarofalo/claude-code-base/scrypted/Gen Agent Trust Hub

scrypted

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill recommends a installation method that downloads a shell script from a remote URL and pipes it directly into the bash interpreter.
  • Evidence: curl -s https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-scrypted-docker-compose.sh | bash in SKILL.md.
  • [COMMAND_EXECUTION]: The skill requires and uses high-privilege system tools for installation, diagnostics, and monitoring.
  • Evidence: Commands such as npm install -g, docker logs, ffprobe, ping, and avahi-browse are referenced throughout the documentation for use with the Bash tool.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted data from system logs and network streams.
  • Ingestion points: The skill reads external data via docker logs scrypted and network discovery tools like avahi-browse (SKILL.md).
  • Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the provided instructions.
  • Capability inventory: The skill has access to Bash, Edit, Write, and WebFetch tools (YAML frontmatter).
  • Sanitization: There is no evidence of sanitization or validation for the content of logs or stream metadata before processing.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-scrypted-docker-compose.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 15, 2026, 11:09 AM
Security Audit — agent-trust-hub — scrypted