find-skills

Warn

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: MEDIUM (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the agent to install and execute code from external sources using the npx skills add <package> command. This allows for the execution of arbitrary scripts hosted on GitHub repositories.
  • [COMMAND_EXECUTION]: The instructions recommend using the -y flag with npx skills add, which explicitly skips confirmation prompts. This allows the agent to install third-party code without human oversight, increasing the risk of automated compromise.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to search for and download content from the skills.sh domain and various GitHub repositories.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through tool output poisoning.
      • Ingestion points: The agent ingests untrusted data from the output of the npx skills find command, which contains repository names and descriptions provided by third-party authors.
      • Boundary markers: There are no instructions for the agent to use delimiters or ignore instructions that might be embedded in the search results.
      • Capability inventory: The agent has the capability to execute commands and install persistent code via the npx skills utility.
      • Sanitization: The skill does not provide mechanisms to sanitize or validate the content of the search results before the agent processes them.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 27, 2026, 09:41 AM