social-to-imgur

Fail

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill interpolates user-supplied data (post_url) and external tool output (thumbnail_url) directly into shell commands for yt-dlp and curl. This creates a significant risk of command injection if the agent does not properly escape these variables (e.g., a URL containing "; command_here" could trigger arbitrary execution).
  • [REMOTE_CODE_EXECUTION]: The skill uses uvx to dynamically download and execute the yt-dlp package from the Python Package Index (PyPI) at runtime. This involves fetching and running external code that is not pinned to a specific version or hash.
  • [CREDENTIALS_UNSAFE]: Instructions direct the agent to retrieve secrets from the macOS keychain using security find-generic-password. This exposes sensitive credentials to the shell environment and command-line history.
  • [DATA_EXFILTRATION]: Credentials retrieved from the local keychain are transmitted via curl to the Imgur API. While this is the intended functionality, the pattern of reading local secrets and sending them to a remote endpoint is a primary vector for exfiltration.
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from arbitrary social media URLs and then uploads that data to api.imgur.com. This involves multi-step interactions with external, untrusted network resources.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Jun 13, 2026, 02:31 AM