Skills
skills/usehyperstack/skills/hyperstack-build/Gen Agent Trust Hub

hyperstack-build

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches the official Rust toolchain from sh.rustup.rs and win.rustup.rs, and installs the vendor-provided CLI tool.
  • [REMOTE_CODE_EXECUTION]: Initial environment setup involves executing a shell script piped from a remote URL (curl | sh) and running downloaded binaries from official Rust project sources.
  • [COMMAND_EXECUTION]: The skill performs dynamic code generation and compilation using 'cargo build' and installs the 'hyperstack-cli' utility from the vendor.
  • [PROMPT_INJECTION]: An indirect prompt injection surface is identified in the URL resolver functionality, which can fetch data from arbitrary HTTP endpoints defined in on-chain IDLs; there are no boundary markers or explicit sanitization steps for this untrusted external data ingestion.
Recommendations
  • HIGH: Downloads and executes remote code from: https://sh.rustup.rs - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 15, 2026, 06:50 AM