skills/ascend-ai-coding/awesome-ascend-skills/external-gitcode-ascend-ssh-connection/Gen Agent Trust Hub
external-gitcode-ascend-ssh-connection
Warn
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE]: The README.md file recommends storing sensitive passwords in the ~/.bashrc shell configuration file, which is a plain-text persistence mechanism that can be accessed by other local processes.
- [CREDENTIALS_UNSAFE]: The config.yaml file includes a hardcoded absolute path to a user's private SSH key (C:/Users/qian/.ssh/id_ed25519), exposing local user directory structures and credential locations.
- [COMMAND_EXECUTION]: The skill provides broad capabilities for executing arbitrary shell commands on remote servers and managing local containers, creating a high-privilege interface that could be exploited via malicious inputs.
- [DATA_EXFILTRATION]: Inclusion of file transfer and network tunneling features (L-forwarding, R-forwarding, and SOCKS proxy) allows for the movement of data across network boundaries, which could facilitate exfiltration.
Audit Metadata