fingerprint-bypass

Fail

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to clone a repository from an unverified third-party source: https://github.com/zhizhuodemao/fingerprint-collector.git. It also suggests installing multiple external packages such as curl_cffi, tls_client, undetected-chromedriver, playwright-extra, and puppeteer-extra-plugin-stealth using pip and npm.
  • [REMOTE_CODE_EXECUTION]: After cloning the external repository, the instructions direct the user to run the script python app.py, which results in the execution of unverified code from a remote source.
  • [COMMAND_EXECUTION]: The skill recommends using sudo to execute the downloaded script (sudo ENABLE_TCP=1 python app.py). Requesting superuser privileges for a script from an untrusted repository is a significant security risk that could lead to full system compromise.
  • [COMMAND_EXECUTION]: The skill mentions using a Patchright engine built into another internal tool (js-reverse-mcp) and suggests running various CLI-based installation and execution commands.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 24, 2026, 04:31 AM