skills/vesely/skills/use-skill/Gen Agent Trust Hub

use-skill

Fail

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the fetching and immediate execution of external instructions (SKILL.md) and referenced scripts from arbitrary GitHub repositories. It explicitly commands the agent to follow the remote skill's instructions exactly as if it were a locally installed skill, effectively turning the agent into a remote instruction interpreter.
  • [COMMAND_EXECUTION]: The skill uses the curl utility to interact with the GitHub API, the skills.sh search API, and to download raw file contents. The results of these commands directly influence the subsequent behavior and instructions of the agent.
  • [PROMPT_INJECTION]: This skill serves as a delivery vector for indirect prompt injection. By downloading and obeying instructions from unvetted third-party repositories or search results, the agent is vulnerable to malicious overrides or safety bypass instructions contained within the fetched skill.
  • [EXTERNAL_DOWNLOADS]: The skill dynamically constructs URLs to fetch executable instructions from raw.githubusercontent.com and skills.sh. While these are well-known platforms, the content is user-controlled and not subject to security vetting by the platform.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 18, 2026, 11:41 AM