arch-scripts
Warn
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill uses AUR helpers (paru, yay) with the --skipreview flag. This bypasses the manual inspection of community-contributed PKGBUILD scripts, which can contain arbitrary shell commands and are executed with user or elevated privileges during the build process.
- [EXTERNAL_DOWNLOADS]: The instructions automate the download and installation of software from multiple external registries including Crates.io (via cargo install), Flatpak, and the Arch User Repository.
- [COMMAND_EXECUTION]: The skill includes high-privilege system operations such as manually removing the pacman database lock file (/var/lib/pacman/db.lck) and using the --sudoloop flag to maintain sudo authorization during long-running installation tasks.
- [COMMAND_EXECUTION]: The skill interacts with systemd unit files using systemctl --user enable --now, allowing for the configuration and immediate execution of persistent user-level services.
Audit Metadata