aap-automation

Fail

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions require cloning an external GitHub repository (sibilleb/AAP-Enterprise-MCP-Server) that does not belong to a trusted organization or vendor.
  • [REMOTE_CODE_EXECUTION]: The skill executes a Python script (ansible.py) from the downloaded untrusted repository using 'uv run', which could lead to code execution if the source is malicious.
  • [COMMAND_EXECUTION]: The 'run_adhoc_command' tool enables the execution of arbitrary Ansible modules and commands on remote infrastructure.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Ingestion points: 'job_logs', 'get_adhoc_command_output', and 'get_host_facts' (SKILL.md). Boundary markers: Absent. Capability inventory: 'run_job', 'run_adhoc_command', and 'update_project' (SKILL.md). Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 2, 2026, 04:46 AM