slb
Fail
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: HIGHPROMPT_INJECTIONREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The
AGENTS.mdfile contains explicit behavioral overrides, such as 'Rule 0', which demands absolute obedience to author instructions over following guidelines. A specific note for Codex/GPT-5.2 also instructs the agent to 'fool itself' into thinking it made changes it didn't actually perform, effectively suppressing native agent warnings about external or concurrent file modifications. - [REMOTE_CODE_EXECUTION]: The
README.mdandSKILL.mdfiles promote an installation method usingcurl -fsSL https://raw.githubusercontent.com/Dicklesworthstone/slb/main/scripts/install.sh | bash. This pattern involves piping a remote script directly to a shell, which allows for remote code execution. - [COMMAND_EXECUTION]: The core utility of the skill is to authorize and execute shell commands. Files such as
internal/core/command.goandinternal/core/execute.goutilizeos/execto run arbitrary commands in the user's shell environment, inheriting all current environment variables and credentials. - [COMMAND_EXECUTION]: The installation script and command classification engine include the use of
sudo, providing a path for executing commands with elevated privileges during setup or operation.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/Dicklesworthstone/slb/main/scripts/install.sh?$(date, https://raw.githubusercontent.com/Dicklesworthstone/slb/main/scripts/install.sh - DO NOT USE without thorough review
Audit Metadata