Skills

Browse, search, and filter AI agent skills across all registries.

Command Execution

Skill	Summary	Stars	Downloads	Findings	Risk
workflow/workflow vercel	The skill actively promotes arbitrary code execution and command injection	2.0k	2.0k	8	100Critical
skills/agent-tools tool-belt	The skill allows remote code execution,	414	–	8	100Critical
skills/tavily-dynamic-search tavily-ai	This skill enables remote code execution via `curl \| bash	270	2.0k	5	100Critical
skills/tavily-search tavily-ai	The Tavily search skill allows remote code execution and arbitrary file writes, enabling system compromise and data exfiltration.	270	15.5k	2	100Critical
skills/tavily-extract tavily-ai	The skill allows remote code execution via `curl	270	5.9k	6	100Critical
batterie-de-savoir/update spm1001	This skill executes arbitrary code and installs malicious packages via	2	–	10	100Critical
flash-list/agent-device shopify	The skill executes shell commands and mandates `adb` for	7.1k	9	2	100Critical
second-brain-skills/para-manager shestera	The skill allows command injection and	0	1	4	100Critical
opc-skills/requesthunt resciencelab	This skill is dangerous as it can download and execute	838	1.2k	3	100Critical
model-deployment pluginagentmarketplace	The model deployment skill allows remote code execution and uses unpinned dependencies, posing significant supply chain risks.	2	5	2	100Critical
prelude-claude-plugin/nist preludeorg	This skill is highly vulnerable to command injection and	0	–	7	100Critical
overthink-plugins/generate overthinkos	This skill generates Containerfiles but introduces supply chain vulnerabilities	0	–	4	100Critical
overthink-plugins/layer overthinkos	This skill allows arbitrary command execution, privilege escalation	0	–	6	100Critical
harness-design/harness-design zanwei	This skill allows command injection, arbitrary	1	2	6	100Critical
prose/open-prose openprose	This skill self-modifies the agent's memory	1.2k	1.1k	14	100Critical
skills/sentry openai	The skill enables remote code execution and command injection	18.3k	951	5	100Critical
skills/render-deploy openai	The skill downloads and executes remote code, allowing arbitrary code execution and potential system compromise.	18.3k	909	1	100Critical
ui-ux-pro-max-skill/ui-ux-pro-max nextlevelbuilder	The skill is vulnerable to command injection via user input and	74.5k	148.3k	3	100Critical
architecture-cowork-plugin/architecture-methodology navraj007in	This skill executes shell commands, handles sensitive API	2	–	9	100Critical
codex-collab/codex-collab masuP9	This skill allows arbitrary command execution and privilege escalation via user	2	–	6	100Critical
design-extract/extract-design manavarya09	The skill allows arbitrary command execution via user	2.2k	1.1k	3	100Critical
deepagentsjs/langsmith-trace langchain-ai	The skill downloads and executes remote code, and encourages risky inferences when environment variables are missing.	1.2k	21	2	100Critical
ctf-skills/ctf-pwn ljagiello	This skill is an exploitation toolkit enabling arbitrary	1.9k	3.0k	9	100Critical
ctf-skills/ctf-misc ljagiello	This CTF skill details numerous	1.9k	2.9k	16	100Critical
spacemolt-docs/spacemolt kongyo2	The skill executes arbitrary remote code via `npx`,	0	–	8	100Critical
nano-banana-2-skill/nano-banana kingbootoshi	The skill executes arbitrary remote code from external sources	368	400	6	100Critical
langsmith-skills/langsmith-dataset langchain-ai	This skill executes arbitrary remote code, exfiltrates	111	1.6k	9	100Critical
langsmith-skills/langsmith-evaluator langchain-ai	The Langsmith Evaluator skill downloads and executes remote code, enabling arbitrary code	111	1.6k	1	100Critical
ilo/ilo ilo-lang	This skill enables arbitrary command execution, command injection	0	–	6	100Critical
adb-android-control hah23255	This skill grants an AI agent complete control over	1	–	24	100Critical
jules-skills/automate-github-issues google-labs-code	This skill enables arbitrary code execution, downloads remote scripts,	52	–	6	100Critical
awesome-copilot/winmd-api-search github	The skill executes local PowerShell scripts with user	32.2k	5.4k	4	100Critical
awesome-copilot/containerize-aspnetcore github	The skill generates Dockerfiles with multiple command injection vectors,	32.2k	8.4k	8	100Critical
skills/security-review getsentry	This skill enables arbitrary shell command execution and extensive file	668	4.7k	7	100Critical
sentry-python/security-review getsentry	This skill can execute arbitrary shell	2.2k	18	6	100Critical
oh-my-agent/oma-dev-workflow first-fluke	The skill installs `mise` via `curl \|	906	9	11	100Critical
developing-genkit-dart firebase	This skill downloads and executes remote code, misrepresenting itself	249	27.3k	2	100Critical
agent-skills/developing-genkit-dart firebase	The skill enables remote code download and execution, allowing arbitrary code execution and potential compromise of the agent.	268	40.8k	1	100Critical
sulcus/openclaw-sulcus-skill digitalforgeca	The skill allows shell command execution, ex	0	–	7	100Critical
xreview/xreview davidleitw	The skill allows remote code execution, enables prompt injection	12	–	11	100Critical
claude-plugin/code-review coderabbitai	This skill performs remote code execution, ex	43	13	3	100Critical
agent-skills/clickhousectl-local-dev clickhouse	The skill allows remote code execution and is vulnerable to command injection via unsanitized user input in `clickhousectl` commands.	415	336	2	100Critical
skills/clerk-backend-api clerk	The skill executes unverified remote code from	40	4.1k	4	100Critical
skills/brightdata-cli brightdata	This skill enables remote code execution	114	1.6k	5	100Critical
brave-search-skills/bx brave	The skill enables remote code download and execution, posing a	125	84	2	100Critical
agent-skills/github-navigator arshia2114	This skill grants broad `Bash(gh:*)`	0	–	9	100Critical
crabshell/verifying ZipperBagCoffee	This skill allows arbitrary command execution and	1	–	15	100Critical
pix-ai-coding-assistant/exploits-search Vulnetix	This offensive security tool installs a CLI from external sources	4	–	7	100Critical

Page 1 of 3