process-compose-ops

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches Process Compose binaries and checksums from the official GitHub repository (github.com/F1bonacc1/process-compose). The skill includes SHA-256 verification logic to ensure binary integrity.
  • [COMMAND_EXECUTION]: Registers a Windows Scheduled Task (Register-ScheduledTask) to manage process persistence. This is a documented feature and requires administrative privileges for installation.
  • [REMOTE_CODE_EXECUTION]: Executes the downloaded binary (process-compose version) for runtime verification after SHA-256 hash validation.
  • [DATA_EXFILTRATION]: Reads local .env files to manage environment variables for orchestrated services, following standard dev-ops practices for secret management.
  • [PROMPT_INJECTION]: The skill provides an MCP server interface to read process logs, which is a surface for indirect prompt injection. 1. Ingestion points: Process logs. 2. Boundary markers: None. 3. Capability inventory: Process management and command execution. 4. Sanitization: Relies on core tool and agent-level safety.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 11:55 AM
Security Audit — agent-trust-hub — process-compose-ops