code-exec-fallback-266cba

Fail

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the run_shell tool to execute Python scripts directly. Shell execution typically provides broader access to the underlying operating system and file system compared to a restricted sandbox environment.
  • [REMOTE_CODE_EXECUTION]: By providing a formal workflow to generate and execute arbitrary script files (write_file followed by run_shell), the skill creates a mechanism for executing code that may be influenced or controlled by untrusted external inputs at runtime.
  • [PRIVILEGE_ESCALATION]: The instructions are specifically designed to bypass the execute_code_sandbox tool when it fails. If the sandbox was implemented to enforce security boundaries or resource limits, this fallback pattern intentionally subverts those protections to gain higher-privileged shell access.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 15, 2026, 04:34 PM
Security Audit — agent-trust-hub — code-exec-fallback-266cba