testing-expected-results
Warn
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/verify.sh executes arbitrary shell commands using bash -c. Although the documentation in SKILL.md and the script's help text claim to support security sandboxing and resource limits, these parameters are parsed but never applied during command execution.
- [DATA_EXFILTRATION]: The tool captures extensive system metadata, including filesystem structure, process lists, and network states, and stores it in a temporary directory. This provides a detailed profile of the host environment.
- [PROMPT_INJECTION]: The skill contains deceptive metadata, claiming verification capabilities (DB, HTTP) and safety features (sandboxing) that do not exist in the implementation. It also lacks sanitization for command outputs processed by the verification logic (Ingestion point: command output logs in scripts/verify.sh; Boundary markers: absent; Capability inventory: arbitrary shell execution; Sanitization: absent).