port-whisperer
Warn
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script
scripts/ports.shusesnpx --yes port-whispererto fetch theport-whispererpackage from the public npm registry if it is not already available on the system PATH. - [REMOTE_CODE_EXECUTION]: By using
npx --yes, the skill performs automatic execution of code downloaded from a remote package registry without version pinning or integrity verification at the script level. - [COMMAND_EXECUTION]: The skill provides the ability to execute system-level commands through the
port-whispererCLI, includingkillandcleanactions that can terminate running processes. The wrapper scriptscripts/ports.shpasses user-supplied arguments directly to these commands. - [INDIRECT_PROMPT_INJECTION]: The skill processes data from the local system (process names, command-line arguments, and application logs) which could potentially contain malicious instructions designed to influence the agent's subsequent actions.
- Ingestion points: Outputs from
list,ps,inspect, andlogscommands inscripts/ports.sh. - Boundary markers: The skill relies on natural language safety rules in
SKILL.mdbut does not implement technical boundary markers or 'ignore' instructions in the data-processing scripts. - Capability inventory: The skill has access to the
Bashtool to executescripts/ports.sh, which can terminate system processes. - Sanitization: The script includes a
strip_ansifunction to remove color codes but does not perform content sanitization or validation of the process data before it is returned to the agent context.
Audit Metadata