skills/alsk1992/cloddsbot/processes/Gen Agent Trust Hub

processes

Fail

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The run and exec commands in index.ts take arbitrary user-provided strings and pass them directly to the underlying execution engine proc.execute(). This grants the agent full shell access on the host system without any allowlisting or restricted environment.
  • DATA_EXFILTRATION (HIGH): The skill captures and returns the full stdout and stderr of executed commands. This allows for the reading and exfiltration of sensitive files (e.g., SSH keys, environment variables, or database credentials) through the chat interface.
  • COMMAND_EXECUTION (MEDIUM): The kill command allows for terminating process trees by PID using proc.killTree(pid). Without permission checks, this can be abused to perform Denial of Service (DoS) attacks against the host or other running applications.
  • PROMPT_INJECTION (LOW): This skill exposes a significant attack surface for indirect prompt injection (Category 8).
      • Ingestion points: User-supplied arguments in the execute function within index.ts.
      • Boundary markers: None; the raw command string is interpolated directly into the execution call.
      • Capability inventory: Arbitrary subprocess execution (proc.execute) and process termination (proc.killTree).
      • Sanitization: None; there is no validation or escaping of the command string before execution.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 20, 2026, 08:51 PM