find-skills

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the npx skills CLI to perform searches, checks, and updates. This is the core intended functionality for managing the agent's environment.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the discovery and download of external packages from the skills.sh registry and GitHub. It mitigates risk by instructing the agent to verify metadata such as install counts (preferring >1K) and GitHub stars before recommendation.
  • [REMOTE_CODE_EXECUTION]: Installation of skills via npx skills add involves executing remote code. The instructions prioritize well-known and trusted organizations (Vercel Labs, Anthropic, Microsoft) and require user consent before proceeding with the installation flag -y.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 02:17 PM
Security Audit — agent-trust-hub — find-skills