linkedin-engineer
Warn
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation instructions advise users to configure their agent to fetch instructions from an external URL hosted in a personal GitHub repository (https://raw.githubusercontent.com/lucaswhch/awesome-skills/main/skills/enterprise/linkedin/linkedin-engineer/SKILL.md). Since this repository is not affiliated with a verified or trusted organization, it presents a supply-chain risk where the remote content could be altered to change agent behavior without user notification.
- [COMMAND_EXECUTION]: The skill provides a shell command (echo "Read ..." >> ~/.claude/CLAUDE.md) for the user to execute. This command modifies a persistent configuration file used by the agent to establish a permanent link to remote instructions.
Audit Metadata