crabbox
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses various local shell commands to orchestrate remote testing environments, including
crabbox,blacksmith, andpnpm. It provides patterns for diagnostic checks such ascrabbox doctor,crabbox status, andblacksmith testbox list. - [REMOTE_CODE_EXECUTION]: The primary purpose of the skill is to facilitate executing code on remote targets via the
crabbox runcommand. It includes instructions for running complex shell strings, uploading and executing local scripts using--script, and executing commands on remote SSH targets. - [EXTERNAL_DOWNLOADS]: The skill documents procedures for downloading remote logs and test results using
crabbox artifacts collectand--capture-on-fail. These operations are part of the tool's intended lifecycle management for remote testing. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill provides explicit guidance on the safe handling of secrets, instructing the user to inject specific keys only into the remote process environment without printing or logging them. It also describes environment variable forwarding using
--allow-envand--env-from-profile. - [INDIRECT_PROMPT_INJECTION]: The skill defines procedures for ingesting data from external sources such as GitHub PRs (
--fresh-pr) and remote command outputs. While this creates a potential attack surface, the instructions include recommendations for human review and log redaction to mitigate risks.
Audit Metadata