blue-team-root
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes Python's subprocess module to run 'iptables' for host isolation, which is a high-privilege operation that modifies system firewall rules.
- [COMMAND_EXECUTION]: The skill executes the 'snort' binary via os.system and subprocess calls to perform network traffic analysis and monitoring.
- [DATA_EXFILTRATION]: The skill contains logic to export security findings to external third-party endpoints, specifically referencing Splunk webhooks.
- [CREDENTIALS_UNSAFE]: The skill relies on environment variables (OPENCLAW_API_KEY) for authentication, which is a standard but sensitive practice requiring secure environment configuration.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes external data from network targets and log entries.
- Ingestion points: User-provided network targets and log messages retrieved from Elasticsearch.
- Boundary markers: Not present in the provided documentation or snippets.
- Capability inventory: Execution of system-level binaries (iptables, snort) and file system writes for logging.
- Sanitization: No explicit validation or sanitization of ingested data is demonstrated.
Audit Metadata