antigravity-exec

Fail

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions explicitly encourage the use of the --dangerously-skip-permissions flag for the Antigravity CLI. This flag is described as a method to auto-approve all tool permission requests without prompting the user, which bypasses critical security checkpoints and allows the sub-agent to perform potentially harmful actions (like file writes or command execution) without oversight.
  • [COMMAND_EXECUTION]: The skill facilitates passing arbitrary content from local files into the CLI using shell command substitution (e.g., agy -p "$(cat prompt.md)"). This creates a dynamic execution chain where external file content is directly processed as instructions by a sub-agent equipped with tool-execution capabilities.
  • [COMMAND_EXECUTION]: The skill relies on the presence of an external binary (agy) on the system PATH and directs the agent to execute shell commands with this binary, including configurations that modify workspace directories (--add-dir) and log file paths (--log-file), which could be used to interact with sensitive areas of the filesystem.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jul 7, 2026, 12:53 AM
Security Audit — agent-trust-hub — antigravity-exec