Skills
skills/rheinmir/setup/new-project-setup/Gen Agent Trust Hub

new-project-setup

Fail

Audited by Gen Agent Trust Hub on Jun 10, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill downloads and executes shell and PowerShell scripts directly from an unverified third-party repository (JuliusBrussee/caveman) using curl | bash and irm | iex. This allows for arbitrary code execution from a source outside the vendor's or recognized trusted organizations' control.
  • [EXTERNAL_DOWNLOADS]: The skill downloads a binary archive from github.com/rtk-ai/rtk and extracts its contents directly into the /usr/local/bin system directory. Installing unverified binaries into system-wide executable paths is a significant security risk.
  • [COMMAND_EXECUTION]: The skill automatically modifies the agent's global configuration file (~/.claude/settings.json) to inject hooks using the rtk init -g command. Automated modification of security-sensitive configuration files can lead to persistent unauthorized changes in agent behavior.
  • [EXTERNAL_DOWNLOADS]: The skill fetches setup scripts and clones repositories from the author's own GitHub account (rheinmir/setup). While consistent with the stated author's identity, these actions involve executing remote code and logic at runtime to manage the local environment.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/JuliusBrussee/caveman/main/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 10, 2026, 09:27 AM
Security Audit — agent-trust-hub — new-project-setup