skills-cli

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using bunx or npx to interact with the skills and skvlt CLI tools for lifecycle management tasks such as discovery, installation, listing, and removal.
  • [EXTERNAL_DOWNLOADS]: The primary purpose of the skill is to facilitate fetching content from remote Git repositories (GitHub, GitLab) and web URLs to install new capabilities via the skills CLI.
  • [REMOTE_CODE_EXECUTION]: The skills add workflow involves downloading and incorporating instructions and scripts from external repositories into the agent's operating environment, which functions as a managed remote code execution vector.
  • [PROMPT_INJECTION]: The search and discovery workflow (bunx skills find) involves ingesting and processing content from external registries and repositories, creating a surface for indirect prompt injection where the agent might ingest malicious instructions hidden in skill metadata or descriptions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 02:14 AM