optimize-network

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the Bash shell to execute system diagnostic and configuration utilities. This includes tools like scutil, networksetup, ifconfig, route, ping, dig, nettop, and lsof to inspect and modify network settings.
  • [PRIVILEGE_ESCALATION]: Several optimization tasks described in the instructions, such as resetting the AWDL interface (sudo ifconfig awdl0 down/up) and flushing the mDNSResponder cache, require the use of sudo. Although the instructions mandate seeking user confirmation before execution, these commands grant the agent the ability to perform administrative system changes.
  • [DATA_EXFILTRATION]: The macos_network_snapshot.sh script performs comprehensive data collection, capturing hostnames, detailed routing tables, proxy configurations, DNS settings, and a list of active network processes via nettop. While this data is intended for local diagnostic reporting, the volume of system metadata gathered is significant.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from the local system environment by ingesting the output of commands like nettop and lsof directly into the agent's context. The lack of boundary markers or sanitization for this data creates a potential surface where an attacker-controlled process name or network label could be used to influence the agent's subsequent logic.
  • [DYNAMIC_EXECUTION]: The diagnostic script includes embedded Python code executed via python3 -c to parse JSON responses from a local Unix socket (/tmp/verge/verge-mihomo.sock). This technique is used to summarize proxy connection and configuration states.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 03:58 PM
Security Audit — agent-trust-hub — optimize-network