spec-install
Warn
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill leverages
npxandbunxto pull and execute arbitrary code from the NPM registry. Specifically, theskillsand@every-env/compound-pluginpackages are executed to perform installation and synchronization tasks. - [DATA_EXFILTRATION]: The command
bunx @every-env/compound-plugin syncis used to read personal configuration data, such as~/.claude/settings.json. This file often contains sensitive information, including API keys or session tokens. Transferring this data via an external, third-party package represents a high risk of exfiltration. - [COMMAND_EXECUTION]: The skill performs extensive file system operations, including creating directories and symlinks within the user's home directory configuration folders (e.g.,
~/.config/opencode/and~/.claude/). - [EXTERNAL_DOWNLOADS]: Downloads and installs external components from the public NPM registry. These dependencies are not version-locked, allowing for potential supply chain attacks if the packages are compromised.
Audit Metadata