skills/mikeyobrien/rho/install-rho/Gen Agent Trust Hub

install-rho

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The README.md and automated scanner identify a 'curl | bash' installation pattern using a script from 'https://rhobot.dev/install'. This is the official installation method for the Rho framework and originates from the project's own domain.
  • [EXTERNAL_DOWNLOADS]: The 'install-rho' skill fetches the framework's source code from 'https://github.com/mikeyobrien/rho.git' and downloads various Node.js and system dependencies required for the agent to function.
  • [COMMAND_EXECUTION]: The 'install.sh' script executes system-level package manager commands (pkg, brew, sudo apt) to install prerequisites like Node.js, tmux, and git. These operations are necessary for the core functionality of the agent framework.
  • [PROMPT_INJECTION]: The system includes specific protections against indirect prompt injection. The 'rho-cloud-email' skill implements a sender allowlist that prevents the agent from reading or acting on emails from unknown sources, effectively gating a common attack vector. Additionally, the 'memory-consolidate' skill is designed to prune noisy or potentially malicious instructions from the agent's long-term memory.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 11:39 PM
Security Audit — agent-trust-hub — install-rho