linux-test
Fail
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to take user-supplied arguments and pass them directly to a shell command (docker/test-runner/run.sh <command args>). Step 1 explicitly specifies that if the input starts with 'cargo', the arguments should be used 'as-is'. This creates a significant command injection vulnerability, allowing an attacker to execute unauthorized commands on the host system by including shell metacharacters (e.g., ';', '&&', '|') in the skill arguments.
- [EXTERNAL_DOWNLOADS]: The skill executes a 'docker build' command which downloads base images and dependencies from external registries. This is documented neutrally as a functional requirement for setting up the containerized integration test environment.
Recommendations
- AI detected serious security threats
Audit Metadata