Skills
skills/escapewu/skills/webapp-testing/Gen Agent Trust Hub

webapp-testing

Fail

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The utility script scripts/with_server.py uses subprocess.Popen with shell=True to execute server commands provided via CLI arguments. This pattern is highly susceptible to shell injection if the input command is influenced by untrusted data. Additionally, the script executes the primary automation command using subprocess.run, allowing for arbitrary binary execution on the system.\n- [PROMPT_INJECTION]: The SKILL.md file contains explicit instructions ("DO NOT read the source until you try running the script first") that direct the AI agent to bypass standard security auditing and code review processes. This metadata-level injection increases the risk that malicious logic within the scripts remains undetected before execution.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 18, 2026, 09:03 PM
Security Audit — agent-trust-hub — webapp-testing