pokemon-player

Warn

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands to set up Python virtual environments, install packages, and launch a local game server.
  • [DATA_EXFILTRATION]: Instructs the agent to establish an SSH reverse tunnel using ssh -R 80:localhost:9876 nokey@localhost.run. This exposes the local API server (port 9876) to the public internet via a random .lhr.life URL. This server provides endpoints for taking system/emulator screenshots (/screenshot) and accessing game state, potentially allowing unauthorized external access to the agent's local environment if the URL is discovered.
  • [EXTERNAL_DOWNLOADS]: The skill requires cloning the pokemon-agent repository from github.com/NousResearch/pokemon-agent and installing it via pip or uv. This is a vendor-owned resource consistent with the skill's authorship.
  • [CREDENTIALS_UNSAFE]: Discloses host-specific environment details by referencing hardcoded local paths such as /home/teknium/pokemon-agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 16, 2026, 01:44 PM
Security Audit — agent-trust-hub — pokemon-player