ssh-config
Warn
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes shell scripts (scripts/ssh-key-manager.sh and scripts/ssh-troubleshooter.sh) that perform operations on the host system, including generating SSH keys and modifying the ~/.ssh/config file. These scripts interpolate user-provided arguments into shell commands and unquoted heredocs, which creates a surface for command injection if inputs are not properly sanitized.
- [COMMAND_EXECUTION]: The instructions and scripts facilitate the modification of sensitive security files such as ~/.ssh/authorized_keys and the system's sshd_config. While these are documented as administrative tasks, they involve modifying critical security infrastructure and require user oversight.
- [PROMPT_INJECTION]: The skill exhibits surface area for indirect prompt injection as it ingests untrusted data via script arguments and lacks sanitization. 1. Ingestion points: Script arguments in scripts/ssh-key-manager.sh and scripts/ssh-troubleshooter.sh (e.g., hostnames, comments). 2. Boundary markers: Absent; arguments are used directly in shell contexts. 3. Capability inventory: File writes to ~/.ssh/config, shell command execution (ssh-keygen, ssh, chmod). 4. Sanitization: Absent; variables are interpolated into unquoted heredocs and shell strings without validation or escaping.
Audit Metadata