outlit
Fail
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill documentation recommends a "Fast install" method using
curl -fsSL https://outlit.ai/install.sh | bash. This executes a remote script directly in the shell. While originating from the vendor's domain, this method skips local validation of the code being executed. - [COMMAND_EXECUTION]: The skill's instructions rely on executing various
outlitCLI commands for setup, authentication, and notification tasks, which interact with the host operating system. - [EXTERNAL_DOWNLOADS]: The skill downloads dependencies and executable tools from external sources, including NPM, Homebrew, and the vendor's website.
- [PROMPT_INJECTION]: The skill retrieves data from external, untrusted sources such as customer emails and support tickets, creating a surface for indirect prompt injection.
- Ingestion points: Data is fetched via
outlit searchandoutlit_get_timeline. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are provided.
- Capability inventory: The skill can perform SQL queries, system configuration, and send notifications to external platforms.
- Sanitization: There is no mention of sanitizing external data before it is processed by the agent.
Recommendations
- HIGH: Downloads and executes remote code from: https://outlit.ai/install.sh - DO NOT USE without thorough review
Audit Metadata