optimize-network
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the Bash shell to execute system diagnostic and configuration utilities. This includes tools like
scutil,networksetup,ifconfig,route,ping,dig,nettop, andlsofto inspect and modify network settings. - [PRIVILEGE_ESCALATION]: Several optimization tasks described in the instructions, such as resetting the AWDL interface (
sudo ifconfig awdl0 down/up) and flushing the mDNSResponder cache, require the use ofsudo. Although the instructions mandate seeking user confirmation before execution, these commands grant the agent the ability to perform administrative system changes. - [DATA_EXFILTRATION]: The
macos_network_snapshot.shscript performs comprehensive data collection, capturing hostnames, detailed routing tables, proxy configurations, DNS settings, and a list of active network processes vianettop. While this data is intended for local diagnostic reporting, the volume of system metadata gathered is significant. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from the local system environment by ingesting the output of commands like
nettopandlsofdirectly into the agent's context. The lack of boundary markers or sanitization for this data creates a potential surface where an attacker-controlled process name or network label could be used to influence the agent's subsequent logic. - [DYNAMIC_EXECUTION]: The diagnostic script includes embedded Python code executed via
python3 -cto parse JSON responses from a local Unix socket (/tmp/verge/verge-mihomo.sock). This technique is used to summarize proxy connection and configuration states.
Audit Metadata