Skills
skills/borkweb/skills/offload/Gen Agent Trust Hub

offload

Fail

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The dispatch.sh script executes an external binary named codex using the --dangerously-bypass-approvals-and-sandbox flag. This configuration explicitly disables the security sandbox and suppresses all approval requirements for the sub-agent, allowing it to execute arbitrary commands, access the full file system, and perform network operations without user oversight.
  • [COMMAND_EXECUTION]: The skill invokes multiple system utilities and shell commands:
  • git is executed in handoff.mjs to retrieve project metadata.
  • tmux is used in dispatch.sh to create new terminal windows for builder processes.
  • osascript is used on macOS to script the Terminal application.
  • bash is used to execute dynamically generated launch scripts created via mktemp.
  • [EXTERNAL_DOWNLOADS]: The skill imports local code from ../session-budget/mailbox.mjs in dir.mjs. This file is not included in the skill package, making the logic that handles file path computation and data isolation unverifiable.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 16, 2026, 06:52 AM
Security Audit — agent-trust-hub — offload