talon
Fail
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a wide range of system commands for infrastructure probing, including kubectl, docker, colima, and launchctl.
- [COMMAND_EXECUTION]: The skill allows for the definition and execution of arbitrary shell commands via the [script.<name>] section in the services.toml configuration file, which are executed using sh -c.
- [REMOTE_CODE_EXECUTION]: As noted in the troubleshooting instructions and automated scans, the skill documentation suggests piping the output of a network-accessible health endpoint (http://127.0.0.1:9999/health) directly into a Python interpreter for JSON processing.
- [COMMAND_EXECUTION]: The skill performs remote command execution via SSH to monitor the internal state of virtual machines (e.g., lima-colima), including executing Python-based socket probes.
- [EXTERNAL_DOWNLOADS]: The skill interacts with external APIs, specifically the Telegram Bot API, to send SOS notifications and alerts during infrastructure failures.
- [DATA_EXFILTRATION]: System status data and critical error logs are transmitted to external communication channels (Telegram and iMessage) as part of the escalation process.
- [COMMAND_EXECUTION]: The skill manages system-level persistence and service lifecycles through launchctl, including the ability to 'kickstart' or 'bootout' services.
Recommendations
- HIGH: Downloads and executes remote code from: http://127.0.0.1:9999/health - DO NOT USE without thorough review
Audit Metadata