Skills
skills/x-cmd/skill/x-mirror/Gen Agent Trust Hub

x-mirror

Fail

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The installation guide in data/install.md includes a command that downloads a shell script from https://get.x-cmd.com and pipes it directly into the shell interpreter (curl -fsSL https://get.x-cmd.com | sh). This method is high-risk as it executes remote code without prior local inspection.
  • [EXTERNAL_DOWNLOADS]: The skill fetches scripts, binary packages, and configuration files from external sources, including https://get.x-cmd.com, https://github.com/x-cmd/release, and https://conda.prefix.dev.
  • [COMMAND_EXECUTION]: The skill operates by executing shell commands to modify package manager registries and system environment settings. It also includes instructions for persistent modification of shell profile files (e.g., ~/.bashrc, ~/.zshrc) to automatically load the x-cmd environment.
  • [PROMPT_INJECTION]: The skill demonstrates a vulnerability surface for indirect prompt injection. It ingests untrusted user input (mirror names, package manager targets) and interpolates them into shell commands (x mirror <pkgmgr> set <mirror-name>) without explicit evidence of sanitization or validation in the provided skill content.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 22, 2026, 03:19 PM