gooserelayvpn-socks5-tunnel
Fail
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download pre-built binaries and clone source code from an external GitHub repository (github.com/kianmhz/GooseRelayVPN) that is not associated with the skill's author or a trusted vendor.\n- [REMOTE_CODE_EXECUTION]: The skill provides instructions to execute external binaries (goose-client, goose-server) and shell scripts (gen-key.sh) immediately after downloading them from an unverified source.\n- [COMMAND_EXECUTION]: The skill uses shell commands to perform system-level modifications, including the creation of systemd service files in protected directories such as '/etc/systemd/system/'.\n- [COMMAND_EXECUTION]: The skill requires 'sudo' privileges to modify system firewall rules (ufw allow 8443/tcp) and to manage system services, which grants the agent elevated permissions over the host machine.
Recommendations
- AI detected serious security threats
Audit Metadata