minecraft-modpack-server

Warn

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses administrative privileges via sudo to install system packages (openjdk) and modify host firewall rules (ufw).
  • [REMOTE_CODE_EXECUTION]: The workflow downloads a ZIP archive from a user-specified URL and executes a shell script (bash startserver.sh) found inside. This facilitates the execution of arbitrary code from external sources, which is standard for modpack installations but inherently risky.
  • [EXTERNAL_DOWNLOADS]: Uses wget to retrieve server assets from remote URLs provided during runtime.
  • [PERSISTENCE]: Automatically modifies the user's crontab to schedule an hourly execution of a backup script (backup.sh), ensuring ongoing background activity.
  • [INDIRECT_PROMPT_INJECTION]:
  • Ingestion points: serverpack.zip downloaded from external URLs in SKILL.md.
  • Boundary markers: None present.
  • Capability inventory: sudo apt install, bash startserver.sh, sudo ufw allow, and crontab modification in SKILL.md.
  • Sanitization: None. The skill executes scripts directly from the downloaded archive without verifying integrity or content.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 16, 2026, 01:44 PM
Security Audit — agent-trust-hub — minecraft-modpack-server