wzrrd-publish
Fail
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to download and execute a shell script from an unverified source using
curl -fsSL https://wzrrd.sh/install.sh | bash. This allows for arbitrary code execution on the user's system from an external, untrusted server. - [DATA_EXFILTRATION]: The skill is designed to upload files and directories to the external domain
wzrrd.sh. The description suggests uploading 'receipts' and 'docs', which may contain sensitive private information, resulting in unauthorized data exposure. - [COMMAND_EXECUTION]: Core functionality relies on executing the
wzrrdCLI tool for publishing, authentication, and diagnostics, which depends entirely on the integrity of an unverified binary. - [EXTERNAL_DOWNLOADS]: The skill requires downloading external code from a domain (
wzrrd.sh) that is not recognized as a trusted organization or well-known service. - [CREDENTIALS_UNSAFE]: The tool manages authentication tokens stored at
~/.config/wzrrd/auth.json. While common for CLI tools, the agent's interaction with processes that store or access these secrets increases the surface area for credential exposure.
Recommendations
- HIGH: Downloads and executes remote code from: https://wzrrd.sh/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata