hs
hs · v1.5 · by Francesco Marinoni Moretto
62.6
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 10.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 80.0 | 15% |
| Clickfix | 100.0 | 15% |
| Credential | 60.0 | 15% |
| Twostage | 5.0 | 10% |
| Infrastructure | 100.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 10.6 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 10
[HIGH] Prompt injection or system override attempt
(line 352)
**ALWAYS check for data leaving the system:**
[CRITICAL] Reverse shell via netcat
(line 101)
| `nc -e /bin/sh` | Reverse shell variant |
[CRITICAL] Remote script download piped to shell execution
(line 102)
| `curl/wget ... \| bash` | Executes untrusted remote code |
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 80
[HIGH] Content contains alarming words not in description: override
CLICKFIX — Score: 100
No findings.
INFRASTRUCTURE — Score: 100
No findings.
TWOSTAGE — Score: 5
[CRITICAL] Download piped directly to interpreter (two-stage loader)
(line 102)
| `curl/wget ... \| bash` | Executes untrusted remote code |
CREDENTIAL — Score: 60
[CRITICAL] SSH key file access or exfiltration
(line 356)
| Credentials in requests | `curl -d "$(cat ~/.ssh/id_rsa)"` | BLOCK |
TYPOSQUAT — Score: 100
No findings.