Skills
skills/andvl1/claude-plugin/koog/Gen Agent Trust Hub

koog

Fail

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The framework provides an ExecuteShellCommandTool enabling the agent to run arbitrary shell commands on the host system.
  • [COMMAND_EXECUTION]: The BraveModeConfirmationHandler allows for the automatic execution of shell commands without human oversight, creating a significant risk of unauthorized system operations.
  • [DATA_EXFILTRATION]: The skill includes ReadFileTool, ListDirectoryTool, and WriteFileTool, which grant the agent the ability to read and modify sensitive files on the local file system.
  • [DATA_EXFILTRATION]: The TraceFeatureMessageRemoteWriter allows agent execution data and traces to be sent to arbitrary remote HTTP endpoints, which could be used to exfiltrate system information or session data.
  • [REMOTE_CODE_EXECUTION]: The combination of the WriteFileTool (to create scripts) and the ExecuteShellCommandTool (to run them) provides a direct vector for remote code execution if the agent is compromised.
  • [PROMPT_INJECTION]: As an LLM-orchestration framework, it is susceptible to prompt injection attacks where malicious instructions could trigger the dangerous file and shell capabilities.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 20, 2026, 11:56 PM