find-skills

Fail

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill utilizes 'npx' to download and run the 'skills' utility, facilitating the installation of further executable packages from unvetted remote repositories.
  • [REMOTE_CODE_EXECUTION]: Installation instructions mandate the use of the '-y' flag, which explicitly bypasses user confirmation for remote code execution and installation.
  • [COMMAND_EXECUTION]: The cleanup process involves manual shell commands for file relocation and recursive deletion ('rm -rf') of multiple directories (.agents, .junie, .kilocode, .kiro).
  • [EXTERNAL_DOWNLOADS]: The skill fetches data and executable content from 'skills.sh' and arbitrary GitHub repositories specified by the user or search results.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted metadata from skill search results (Ingestion points: 'npx skills find' output; Boundary markers: Absent; Capability inventory: 'npx skills add', 'rm', 'cp'; Sanitization: Absent).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 12, 2026, 07:57 AM
Security Audit — agent-trust-hub — find-skills