process-management
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requests administrative privileges to modify sensitive system configuration files.
- Evidence: Command 'sudo tee -a /etc/sysctl.conf' used to alter kernel parameters in SKILL.md.
- [COMMAND_EXECUTION]: The skill implements persistence mechanisms to maintain process execution across system restarts.
- Evidence: Instructions to use 'pm2 startup' and 'pm2 save' in SKILL.md.
- [EXTERNAL_DOWNLOADS]: The skill directs users to download and execute code from an unverified third-party source.
- Evidence: URL 'https://github.com/jessety/pm2-installer' for Windows service installation.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection via process management commands.
- Ingestion points: Command arguments for process names and script paths in SKILL.md.
- Boundary markers: Absent.
- Capability inventory: Arbitrary process execution via 'pm2 start', log reading via 'pm2 logs', and persistence setup.
- Sanitization: Absent.
Audit Metadata