Skills
skills/jamie-bitflight/claude_skills/bash-testing/Gen Agent Trust Hub

bash-testing

Fail

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The installation instructions for the shellspec framework in SKILL.md recommend using the command curl -fsSL https://git.io/shellspec | sh. This practice of piping remote content to a shell for immediate execution is a high-risk pattern that can lead to arbitrary code execution from unverified sources.
  • [EXTERNAL_DOWNLOADS]: The skill documentation suggests downloading the shunit2 testing framework directly from its GitHub repository via curl. While the hosting service is well-known, downloading and executing scripts from repositories managed by unverified individuals or community members requires caution to prevent malicious code execution.
Recommendations
  • HIGH: Downloads and executes remote code from: https://git.io/shellspec - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 29, 2026, 08:40 AM