skills/duc01226/easyplatform/dual-ai/Gen Agent Trust Hub

dual-ai

Fail

Audited by Gen Agent Trust Hub on Jul 5, 2026

Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill explicitly disables security guardrails by invoking CLI tools with flags such as --dangerously-skip-permissions for Claude and --dangerously-bypass-approvals-and-sandbox for Codex, granting spawned sessions unrestricted system access.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically generates and executes platform-specific shell scripts (.sh) and PowerShell scripts (.ps1) at runtime to initialize and orchestrate the parallel sessions.
  • [COMMAND_EXECUTION]: The skill utilizes a custom Node.js supervisor (scripts/dual-ai-runner.mjs) to spawn child processes using node:child_process, which increases the host's exposure to potentially malicious command execution.
  • [PROMPT_INJECTION]: The skill contains instructions that mandate a "full-permission mode" and "xhigh reasoning effort," which overrides default safety constraints and resource limits for the fanned-out sessions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jul 5, 2026, 06:07 PM
Security Audit — agent-trust-hub — dual-ai