sales-third-party
Warn
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions and command-line examples to download and install content from several third-party repositories. While some sources trace back to the vendor (sales-skills/sales) or well-known services (apify/agent-skills), several others originate from unverified accounts:
- coreyhaines31/marketingskills
- resciencelab/opc-skills
- aaron-he-zhu/seo-geo-claude-skills
- jimliu/baoyu-skills
- supercent-io/skills-template
- wshobson/agents
- calm-north/seojuice-skills
- starchild-ai-agent/official-skills
- inferen-sh/skills
- [REMOTE_CODE_EXECUTION]: The skill promotes the installation of external packages using the "npx skills add" command. This process downloads and integrates third-party code into the agent's active environment. If these third-party repositories are compromised or contain malicious logic, it could lead to the execution of unauthorized or dangerous code.
Audit Metadata