appicons
Warn
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/favicon-gen.shis vulnerable to command injection. It uses an unquoted heredoc delimiter (cat <<JSON) to construct the API payload. In Bash, unquoted heredocs perform variable expansion and command substitution. Because parameters like--bg,--shape,--variant, and--primaryare interpolated directly into this block without sanitization or validation, a crafted argument containing shell patterns (such as$(...)or backticks) will be executed by the shell during the script's runtime. - [COMMAND_EXECUTION]: The script utilizes
unzip -o -qto extract a zip archive retrieved from a remote API. This pattern is susceptible to 'Zip Slip' (path traversal) attacks if the remote server is compromised or malicious, potentially allowing files to be overwritten outside of the designated output directory. - [COMMAND_EXECUTION]: The skill uses
curlfor network communication and employspython3 -corjqas dynamic execution fallbacks for parsing JSON data from API responses. - [EXTERNAL_DOWNLOADS]: The skill performs network requests to
api.iconify.designto fetch SVG icons andfavicontools.comto upload image data and download the resulting icon package. - [DATA_EXFILTRATION]: Local files or remote images provided as a source are read and uploaded (base64 encoded) to the external
favicontools.comAPI. The script includes a basic security control that restricts local file access to common image extensions (png, jpg, jpeg, webp, gif, svg).
Audit Metadata