100Critical
The skill executes unverified remote code via shell pipes, bypasses critical user confirmation prompts, and lacks necessary tool constraints, creating a high risk of arbitrary command execution and system compromise.
Skill Info
Namelangchain-ai/langsmith-skills/langsmith-dataset
Registrygithub
Version68c8bb6b4b7c
PURLpkg:github/langchain-ai/langsmith-skills@68c8bb6b4b7c?skill=langsmith-dataset
Stars131
Installs2,500
Source
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
GitHub
2,500 installs
Skills.shDocs
npx skills add https://github.com/langchain-ai/langsmith-skillsAssessments (6)
AI Agent Traps ↗Remote code download and execution detectedcriticalcommand executionAML.T0050AML.T0053AML.T0072LLM05:2025LLM06:2025
Remote code download and execution detected
100% confidenceline 39
curl -sSL https://raw.githubusercontent.com/langchain-ai/langsmith-cli/main/scripts/install.sh | sh
A remote resource is downloaded with curl/wget and piped directly into a shell interpreter (optionally via sudo). The downloaded script runs with no integrity check (no checksum/signature), so a compromised server, MITM, or hijacked URL leads to arbitrary code execution. Download to a file, verify it (e.g. sha256sum -c against a pinned digest, or a signature), then execute it.criticalvulnAML.T0050AML.T0053AML.T0072LLM05:2025LLM06:2025
A remote resource is downloaded with curl/wget and piped directly into a shell interpreter (optionally via sudo). The downloaded script runs with no integrity check (no checksum/signature), so a compromised server, MITM, or hijacked URL leads to arbitrary code execution. Download to a file, verify it (e.g. sha256sum -c against a pinned digest, or a signature), then execute it.
95% confidenceline 1
curl -sSL https://raw.githubusercontent.com/langchain-ai/langsmith-cli/main/scripts/install.sh | sh
Encouragement of non-interactive destructive actionsmediumapproval fatigueAML.T0053LLM06:2025
The instructions explicitly provide guidance on how to bypass confirmation prompts using the '--yes' flag for non-interactive runs, which increases the risk of accidental data loss.
90% confidence
If you are running non-interactively: Use --yes to skip confirmation prompts
Unpinned dependency installation — package installed without version pinningmediumsupply chainAML.T0010AML.T0019AML.T0058LLM03:2025
Unpinned dependency installation — package installed without version pinning (seen 2 times in this file at lines 28, 33)
100% confidenceline 28
pip install langsmith
User confirmation bypass detected — attempts to skip human oversightmediumautonomy abuseAML.T0034.002AML.T0053LLM06:2025LLM10:2025
User confirmation bypass detected — attempts to skip human oversight (seen 2 times in this file at lines 69, 74)
100% confidenceline 69
Skip confirmation
Missing licenseinfopolicy violation
Skill does not specify a license field. Specifying a license helps users understand usage terms.
100% confidence
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/langchain-ai/langsmith-skills/langsmith-dataset)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/langchain-ai/langsmith-skills/langsmith-dataset"><img src="https://mondoo.com/ai-agent-security/api/badge/github/langchain-ai/langsmith-skills/langsmith-dataset.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/langchain-ai/langsmith-skills/langsmith-dataset.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow