system-info
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): The `list_directory.py` script accepts a path argument without any sanitization or sandboxing, creating a reconnaissance surface.
  * Ingestion points: The script reads from `sys.argv[1]` in `scripts/list_directory.py`.
  * Boundary markers: Absent. There are no restrictions to keep the listing within a specific workspace or directory.
  * Capability inventory: Provides the ability to list all files, check directory status, and retrieve file sizes across any accessible path on the host via `os.listdir`.
  * Sanitization: None. The script directly passes the input string to `os.listdir()` and `os.path.abspath()`.
- [Data Exposure] (LOW): `get_system_info.py` gathers system fingerprinting data.
  * Evidence: The script collects `platform.node()` (hostname), `platform.version()`, and `platform.processor()`, which can be used to identify specific host environments and potential vulnerabilities.
Audit Metadata