Skills
skills/switch-dimension/molten-os-core/molten-landing/Gen Agent Trust Hub

molten-landing

Warn

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run a bundled Python script, scripts/audit_metrics.py, to perform technical audits of landing pages. The script is executed via the command line using python3.
  • [EXTERNAL_DOWNLOADS]: The scripts/audit_metrics.py script uses the urllib.request module to fetch content from arbitrary, user-supplied URLs for analysis. This allows the agent to interact with external web resources outside of a restricted whitelist.
  • [DATA_EXFILTRATION]: The combination of local file system access (reading HTML/CSS files) and the ability to make external network requests via the audit script creates a potential path for exfiltrating sensitive local data if the agent's instructions are overridden to target internal files.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 16, 2026, 02:48 PM
Security Audit — agent-trust-hub — molten-landing