buaa-classroom-summarizer

Fail

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [CREDENTIALS_UNSAFE]: scripts/extract_buaa_classroom.py accesses sensitive browser storage files to harvest session data. It identifies and reads the Cookies database and Local State configuration files for both Microsoft Edge and Google Chrome (e.g., AppData/Local/Microsoft/Edge/User Data/Default/Network/Cookies). The script utilizes win32crypt (Windows DPAPI) to extract master keys and decrypts session cookies using the AES-GCM algorithm.
  • [DATA_EXFILTRATION]: Decrypted session tokens are cached locally at ~/.codex/cache/buaa_browser_session.json and are subsequently transmitted to external BUAA domains (*.buaa.edu.cn and *.msa.buaa.edu.cn) to authenticate API requests. This constitutes a credential harvesting and transmission chain.
  • [COMMAND_EXECUTION]: The skill employs subprocess.run to execute various system commands and internal scripts. It invokes the ffmpeg binary (via imageio-ffmpeg) for video stream processing and performs complex chaining of Python scripts (collect_buaa_course_replays.py calling extract_buaa_classroom.py, which in turn calls extract_ppt_outline.py) to automate the data extraction pipeline.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 9, 2026, 06:55 PM