Skills
skills/tobihagemann/turbo/oracle/Gen Agent Trust Hub

oracle

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGHDATA_EXFILTRATIONREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [DATA_EXFILTRATION]: The script scripts/refresh_cookies.py directly accesses and decrypts the Chrome browser's cookie database (~/Library/Application Support/Google/Chrome/*/Cookies). It specifically targets cookies related to 'chatgpt' and stores them in a local file ~/.oracle/cookies.json.
  • [CREDENTIALS_UNSAFE]: The script uses security find-generic-password to programmatically retrieve the 'Chrome Safe Storage' key from the macOS Keychain. While this requires a user prompt, it facilitates the decryption of sensitive session tokens.
  • [REMOTE_CODE_EXECUTION]: The script scripts/run_oracle.py uses npx -y @steipete/oracle to download and execute an external Node.js package at runtime. This allows for the execution of unverified remote code with the same privileges as the agent.
  • [COMMAND_EXECUTION]: The skill uses subprocess.check_output and subprocess.call to execute system commands (security, npx) and manage external processes.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 15, 2026, 08:50 PM