confluence
Fail
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides installation instructions that pipe a remote script from
https://raw.githubusercontent.com/jorgemuza/orbit/main/install.shdirectly into a shell interpreter (| sh). This 'curl-to-shell' pattern allows for arbitrary code execution on the user's system without prior verification of the script's contents. - [EXTERNAL_DOWNLOADS]: The skill facilitates the download of the
orbitCLI tool from a non-standard third-party GitHub repository during the setup process. - [DATA_EXFILTRATION]: Diagram source code (such as Mermaid or PlantUML) is automatically sent to the external service
kroki.iofor rendering. While documented as a feature, this involves transmitting potentially sensitive documentation or architectural data to a third-party platform. - [CREDENTIALS_UNSAFE]: The skill manages Confluence API tokens and Personal Access Tokens (PATs). It suggests storing these in
~/.config/orbit/config.yaml, which could result in credential exposure if the file is not properly protected or is accessed by other unauthorized processes. - [COMMAND_EXECUTION]: The skill executes multiple shell commands using the
orbitCLI, incorporating parameters derived from local files and user input (e.g., page titles and file paths), which presents a command injection surface if the inputs are not correctly sanitized. - [DATA_EXPOSURE]: The
exportandpublishworkflows involve reading and writing to the local file system, including sensitive operations like modifying YAML frontmatter in markdown files.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/jorgemuza/orbit/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata