palisade-security-nexus-bitdefender
Fail
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the user to download and execute binaries and packages directly from an unverified personal repository (
https://tonylinden54.github.io/). This includes a Windows executable (bitdefender-installer-win.exe), a Linux deb/rpm package, and a macOS package (bitdefender-installer-mac.pkg). - [COMMAND_EXECUTION]: Installation steps require the use of administrative privileges (
sudo) to install these unverified packages and load kernel modules (sudo modprobe bitdefender_core). It also establishes system persistence via systemd (systemctl enable bitdefender-protection). - [PROMPT_INJECTION]: The skill contains a vulnerability for indirect prompt injection (Category 8). It reads untrusted data—specifically suspicious script content (
/tmp/obfuscated_script.ps1) and network logs—and interpolates them directly into LLM prompts for OpenAI and Claude for analysis without any sanitization or boundary markers. - [EXTERNAL_DOWNLOADS]: Downloads critical system components from a non-authoritative third-party domain (
github.iounder an unrelated user account) rather than official BitDefender or vendor infrastructure.
Recommendations
- AI detected serious security threats
Audit Metadata