s800-vehicle-network-security-testing
Fail
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill clones a software repository from an untrusted GitHub account (
zhu-zhu666) located athttps://github.com/zhu-zhu666/S800-Vehicle-Network-Security-Testing-Framework.git. Content from unknown repositories can contain malicious code. - [REMOTE_CODE_EXECUTION]: The framework installation guide explicitly instructs the user to run
sudo python3 setup.py installafter cloning the untrusted repository. This pattern executes arbitrary code from the download with root permissions, allowing for the installation of persistent malware or backdoors. - [COMMAND_EXECUTION]: The skill makes extensive use of the
sudocommand to perform administrative tasks, including kernel module loading (modprobe), network interface configuration (ip link), and granting raw network capabilities (setcap) to the Python binary. While common in automotive testing, these commands provide a path for privilege escalation if the framework is malicious.
Recommendations
- AI detected serious security threats
Audit Metadata