ctx-upgrade

Fail

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill is designed to fetch code from a remote repository ('Pulls latest from GitHub') and execute an installation process ('builds, installs'). This allows for the execution of arbitrary remote code on the host machine.
  • [COMMAND_EXECUTION]: The instructions explicitly direct the agent to execute shell commands returned by an MCP tool or manually derived from local file paths using shell execution tools like Bash.
  • [PRIVILEGE_ESCALATION]: The skill's 'updates npm global' step is an operation that frequently requires administrative or elevated permissions to modify system directories.
  • [PERSISTENCE_MECHANISMS]: The skill performs 'hook configuration', which is a common technique for establishing persistence by placing scripts in git hooks or shell initialization files.
  • [DYNAMIC_EXECUTION]: The fallback mechanism identifies an executable JavaScript file at runtime using computed paths ('CLI="<PLUGIN_ROOT>/build/cli.js"') and executes it using the Node.js runtime.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 25, 2026, 10:04 AM