local-server
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script `execution/local_server.py` to start a FastAPI server and uses `cloudflared` to establish a network tunnel.
- [DATA_EXFILTRATION]: The skill explicitly grants the agent access to local files and environment variables containing credentials. Exposing this environment to the public internet via a Cloudflare tunnel creates a path for sensitive local data to be accessed or exfiltrated.
- [PROMPT_INJECTION]: The server endpoints `/directive` and `/general-agent` ingest untrusted external data from webhooks. This provides an indirect prompt injection surface where external inputs could manipulate the agent's behavior, which is particularly risky given the agent's stated access to local files and system commands.
Audit Metadata