antigravity-exec
Fail
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions explicitly encourage the use of the
--dangerously-skip-permissionsflag for the Antigravity CLI. This flag is described as a method to auto-approve all tool permission requests without prompting the user, which bypasses critical security checkpoints and allows the sub-agent to perform potentially harmful actions (like file writes or command execution) without oversight. - [COMMAND_EXECUTION]: The skill facilitates passing arbitrary content from local files into the CLI using shell command substitution (e.g.,
agy -p "$(cat prompt.md)"). This creates a dynamic execution chain where external file content is directly processed as instructions by a sub-agent equipped with tool-execution capabilities. - [COMMAND_EXECUTION]: The skill relies on the presence of an external binary (
agy) on the system PATH and directs the agent to execute shell commands with this binary, including configurations that modify workspace directories (--add-dir) and log file paths (--log-file), which could be used to interact with sensitive areas of the filesystem.
Recommendations
- AI detected serious security threats
Audit Metadata