gocd
Fail
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions to install the 'orbit' CLI by downloading a script from a remote URL (https://raw.githubusercontent.com/jorgemuza/orbit/main/install.sh) and piping it directly into the shell ('curl | sh'). This pattern enables the execution of arbitrary unverified code from an external source.
- [EXTERNAL_DOWNLOADS]: The skill directs the agent or user to download and install software from third-party sources (GitHub and Scoop) that are not associated with a verified or trusted organization.
- [COMMAND_EXECUTION]: The skill defines 'cd' as an alias for the 'orbit' CLI. Because 'cd' is a core shell built-in used for directory navigation, this shadowing creates a risk where the agent might execute GoCD management tasks when file system navigation was intended.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/jorgemuza/orbit/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata