quickdup
Fail
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructions in
SKILL.mdandreferences/quickdup.mdrecommend installing the QuickDup CLI by piping remote scripts directly from a third-party GitHub repository into shell interpreters, a high-risk execution pattern. - Evidence:
curl -sSL https://raw.githubusercontent.com/asynkron/Asynkron.QuickDup/main/install.sh | bashinSKILL.md. - Evidence:
iwr -useb https://raw.githubusercontent.com/asynkron/Asynkron.QuickDup/main/install.ps1 | iexinSKILL.md. - [EXTERNAL_DOWNLOADS]: The skill downloads installation scripts and Go packages from an external repository (
github.com/asynkron/Asynkron.QuickDup) that is not recognized as a trusted vendor or well-known service. - [COMMAND_EXECUTION]: The skill performs several shell operations, including tool installation (
go install,curl,iwr) and tool execution (quickdup) with parameters determined at runtime based on the source code structure. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted source files from the repository without sanitization, which could contain instructions meant to manipulate the agent.
- Ingestion points: C# (
.cs) and Razor (.razor) files, and the duplication report output from the QuickDup tool. - Boundary markers: None; the skill lacks delimiters or instructions to distinguish code content from potential embedded agent commands.
- Capability inventory: The agent has shell access to execute CLI tools and modify repository files during refactoring workflows.
- Sanitization: No sanitization or verification of the file content is performed before processing.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/asynkron/Asynkron.QuickDup/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata