ai-director
Fail
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The file
scripts/auto-iterate.jscontains a command injection vulnerability. It useschild_process.execSyncto execute a shell command where user-supplied prompt data is directly interpolated into the command string:node scripts/ad-producer.js generate-script "${currentPrompt}". An attacker can escape the quotes using shell metacharacters (e.g.,;,$(...), or backticks) to execute arbitrary code on the underlying system. - [COMMAND_EXECUTION]: The script
scripts/ad-account-manager.jscontains logic to execute external shell commands viaexecSyncto synchronize account data. Spawning subprocesses to run scripts based on internal variables creates a potential execution surface for unauthorized commands. - [DATA_EXFILTRATION]: The skill manages and transmits sensitive API credentials, including
X2C_API_KEYandGEMINI_API_KEY, which are stored in local JSON files under thecredentials/directory. These credentials, along with user-generated content, are sent to external endpoints such as a Supabase-hosted API (https://eumfmgwxwjyagsvqloac.supabase.co) and Google's Gemini API. While these are established platforms, the interaction involves the access and network transmission of authentication tokens from local storage.
Recommendations
- AI detected serious security threats
Audit Metadata