ssh-config
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
- Data Exposure & Exfiltration (MEDIUM): Scripts in the skill access and list files in the sensitive ~/.ssh directory. scripts/ssh-key-manager.sh and scripts/ssh-troubleshooter.sh list public keys and the troubleshooter performs chmod on private keys, exposing metadata and path information to the agent context.
- Privilege Escalation (MEDIUM): The references/ssh-security.md file includes commands requiring sudo privileges, such as sudo systemctl restart sshd. While relevant to SSH hardening, this encourages the agent to seek elevated permissions.
- Command Execution (MEDIUM): The skill enables the agent to modify the SSH configuration file (~/.ssh/config) and execute verbose SSH commands. These capabilities could be misused to establish unauthorized network tunnels.
- Indirect Prompt Injection (LOW): The troubleshooter script ingests untrusted data from DNS and remote SSH banners, creating an injection surface. Evidence: 1. Ingestion: nslookup and ssh -vvv in scripts/ssh-troubleshooter.sh. 2. Boundary markers: Absent. 3. Capability inventory: File writes to ~/.ssh/config and shell execution. 4. Sanitization: Absent.
- Credentials Unsafe (LOW): scripts/ssh-key-manager.sh generates SSH keys without passphrases by default using the -N "" flag.
- External Downloads (LOW): The skill documentation suggests installing the autossh package via brew or apt.
Audit Metadata