skills/adobe/skills/domain-mask/Gen Agent Trust Hub

domain-mask

Warn

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires administrative privileges via sudo to modify the system's /etc/hosts file and listen on privileged network port 443. It also invokes system commands like mkcert and which via execSync to manage local certificates.\n- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by proxying external content.\n
  • Ingestion points: Data from the user-provided target-url is piped through the proxy in scripts/domain-mask.mjs.\n
  • Boundary markers: Absent. The skill does not wrap proxied content in delimiters or provide safety warnings to the agent.\n
  • Capability inventory: The skill possesses high-privilege capabilities including writing to /etc/hosts, binding to port 443, and executing CLI commands.\n
  • Sanitization: Absent. The documentation explicitly notes that the tool does not rewrite or sanitize response bodies from the target URL.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 7, 2026, 09:04 AM
Security Audit — agent-trust-hub — domain-mask