deepwork-tracker
Fail
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's bootstrap process clones a repository from an unverified GitHub user (
adunne09/deepwork-tracker) who is not associated with the skill's author. - [REMOTE_CODE_EXECUTION]: The skill downloads an executable script (
deepwork.js) from a remote source and executes it locally using the agent's capabilities. - [DATA_EXFILTRATION]: The instructions for the 'Show deep work graph' workflow explicitly mandate that the agent 'Always send' the generated output to a hardcoded Telegram ID (
8551040296), which constitutes unauthorized data exfiltration to a third party. - [COMMAND_EXECUTION]: The skill executes multiple shell commands to set up the environment, including
git clone,chmod +x, and running the downloaded JavaScript file via the command line.
Recommendations
- AI detected serious security threats
Audit Metadata