autoresearch-create
Fail
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to generate and execute bash scripts containing user-defined commands, enabling arbitrary code execution.
- [PROMPT_INJECTION]: The instructions explicitly override agent behavioral constraints by mandating a 'LOOP FOREVER' mode and suppressing user confirmation prompts, stating 'Never ask should I continue?'.
- [DATA_EXFILTRATION]: The skill allows the agent to read and modify files across the filesystem and includes a configuration option to set an absolute path as the working directory, which could lead to unauthorized data access when combined with autonomous execution.
Recommendations
- AI detected serious security threats
Audit Metadata