one-liners
Warn
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The file
references/advanced-oneliners.mdincludes a pattern that pipes strings generated from a file's content into bash:awk '{print "mkdir -p $(dirname "$0")"}' filelist.txt | bash. This represents a significant risk for command injection if the input file is untrusted. - [COMMAND_EXECUTION]: The skill provides instructions for establishing system persistence by modifying the crontab:
(crontab -l; echo "0 2 * * * /path/to/backup.sh") | crontab -. - [COMMAND_EXECUTION]: The skill includes reconnaissance one-liners designed to identify potential privilege escalation paths, such as finding world-writable files (
find / -type f -perm -o+w) and files with no owner (find / -nouser). - [COMMAND_EXECUTION]: Multiple one-liners perform sensitive operations, including removing macOS quarantine attributes (
xattr -d com.apple.quarantine), bulk file deletions (rm -rf), and force-killing processes on specific ports. - [DATA_EXFILTRATION]: The skill documents networking capabilities including
curl,dig, andsshtunneling (ssh -L). These tools can be leveraged for exfiltrating local system information or bypassing network boundaries. - [EXTERNAL_DOWNLOADS]: The skill provides patterns for automated batch downloads from external URLs using
xargsandcurl, which could be used to fetch remote payloads.
Audit Metadata