electron-app-dev
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): In
references/ipc-patterns.md, the skill provides IPC handlers forfs:readTextFileandfs:writeTextFilethat execute file system operations based on parameters provided by the renderer process. The example code lacks any path validation or sanitization, allowing a compromised renderer or a malicious prompt to read or write arbitrary files on the host system. - [DATA_EXFILTRATION] (HIGH): The
fs:readTextFilecapability, as documented, allows the retrieval of any file content. When used in an agentic context, this allows an agent to access sensitive configuration files (~/.ssh, .env) and potentially exfiltrate them through other available tools or its own output. - [INDIRECT_PROMPT_INJECTION] (HIGH): The skill exposes an attack surface where untrusted data (renderer-side content) can influence file system write operations.
- Ingestion points: IPC handlers
fs:writeTextFileandsave-fileinreferences/ipc-patterns.md. - Boundary markers: Absent in the provided code snippets.
- Capability inventory:
fs.promises.writeFile,fs.writeFileSync,fs.promises.readFile. - Sanitization: None. The
validateSenderfunction checks the source frame but does not validate the content or the target file path. - [EXTERNAL_DOWNLOADS] (LOW):
references/packaging.mdconfigureselectron-builderandelectron-updaterto download dependencies and updates from GitHub. These are considered trusted sources per [TRUST-SCOPE-RULE], though they represent a remote code dependency.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata