skills/alsk1992/cloddsbot/remote/Gen Agent Trust Hub

remote

Fail

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION)
Full Analysis
  • CREDENTIALS_UNSAFE (HIGH): The skill documentation and implementation provide direct methods to access sensitive private credential files.
      • Evidence: SKILL.md includes implementation examples reading from ~/.ssh/id_rsa using fs.readFileSync.
      • Evidence: index.ts includes a --key flag in the /remote ssh command allowing the agent to specify paths to private keys.
  • DATA_EXFILTRATION (HIGH): The core functionality allows exposing local ports and services to the public internet, which can be abused to exfiltrate data or create unauthorized backdoors.
      • Evidence: Functions createNgrokTunnel, createCloudflareTunnel, and createSshTunnel facilitate external connectivity and port forwarding.
  • INDIRECT PROMPT INJECTION (LOW): The skill accepts untrusted string input from chat commands to configure network parameters without sufficient sanitization.
      • Ingestion points: The args parameter in the execute function of index.ts processes raw user input.
      • Boundary markers: Absent. There are no delimiters or instructions to prevent the agent from following commands embedded in the data.
      • Capability inventory: File system read (private keys), network egress (tunnel creation), and port binding.
      • Sanitization: Only basic numerical validation for port numbers is performed; hostnames and file paths are used directly.
  • COMMAND_EXECUTION (MEDIUM): The skill executes complex system-level network operations through an internal tunnels manager based on user-provided arguments.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 20, 2026, 08:51 PM