building-c2-redirector-infrastructure

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone the cs2modrewrite repository from https://github.com/threatexpress/cs2modrewrite and references other tools like RedWarden and redi from GitHub. These sources are not included in the trusted vendor list.\n- [COMMAND_EXECUTION]: The skill requires administrative privileges to install packages (apt install), enable web server modules (a2enmod), and reload services (systemctl reload). It also uses sudo for firewall configuration (ufw).\n- [DATA_EXFILTRATION]: The scripts/agent.py script performs network probes to validate redirector functionality. It disables SSL certificate verification (verify=False), exposing the communication to potential man-in-the-middle attacks. Additionally, the script allows writing generated configuration data to arbitrary local file paths via the --output argument.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface in the configuration generation logic of scripts/agent.py.\n
  • Ingestion points: User-supplied strings via --uri and --user-agent command-line arguments.\n
  • Boundary markers: Absent; inputs are directly interpolated into an nginx configuration template.\n
  • Capability inventory: The script has the capability to write files to the local file system and perform network requests.\n
  • Sanitization: Minimal; the script perform basic whitespace stripping and removal of leading slashes from URI patterns but lacks robust validation or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 03:41 AM
Security Audit — agent-trust-hub — building-c2-redirector-infrastructure