skills/openharmonyinsight/openharmony-skills/ohos-dev-distributed-mmi-device-test-harness/Gen Agent Trust Hub
ohos-dev-distributed-mmi-device-test-harness
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for high-privilege system modifications on the target hardware, specifically 'mount -o rw,remount /', 'setenforce 0', and the replacement of system libraries in '/system/lib/'. These operations are associated with the skill's primary purpose as a device test harness and are accompanied by mandatory safety protocols, including user authorization and restoration planning.
- [COMMAND_EXECUTION]: The skill uses 'ssh', 'scp', and 'hdc' (OpenHarmony Device Connector) for remote command execution and file deployment between the development machine, an optional jump host, and the target device. It correctly uses placeholders for sensitive identifiers and credentials.
- [COMMAND_EXECUTION]: The skill facilitates the execution of local build scripts ('compile_test.py') to compile and deploy test binaries to the device environment.
- [DATA_EXFILTRATION]: The skill includes procedures for retrieving 'hidumper' diagnostic data and log files from the target device to the local development environment for debugging purposes.
- [COMMAND_EXECUTION]: The skill processes untrusted user or environment data (such as target names, paths, and identifiers) into shell commands without explicit sanitization or boundary markers, presenting a surface for indirect prompt injection if malicious data is provided to the agent.
Audit Metadata