python-prototype-pollution
Fail
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides functional payloads to achieve code execution on remote systems by polluting class attributes and global variables. Key vectors include using pydash.invoke to trigger os.system and hijacking sys.path or the PATH environment variable.
- [COMMAND_EXECUTION]: Includes multiple shell command templates (curl) designed to deploy malicious JSON payloads and interact with vulnerable application endpoints.
- [DATA_EXFILTRATION]: Provides specific payloads to bypass directory traversal protections and exfiltrate sensitive files such as /etc/passwd or flag files by polluting Jinja2 template loaders and static file paths.
- [EXTERNAL_DOWNLOADS]: Suggests the installation of external security tools like flask-unsign for session cookie forging and privilege escalation.
Recommendations
- AI detected serious security threats