masterhttprelayvpn-proxy
Fail
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the user to install a custom Root Certificate Authority (CA) using administrative privileges (sudo, certutil, or system security commands). This enables the software to perform Man-in-the-Middle (MITM) attacks and decrypt all encrypted (HTTPS) traffic on the device.
- [EXTERNAL_DOWNLOADS]: The software is downloaded and executed from an unverified personal GitHub repository (masterking32/MasterHttpRelayVPN).
- [EXTERNAL_DOWNLOADS]: The documentation suggests using an unofficial third-party Python package mirror (runflare.com), which creates a supply chain risk as the integrity of the packages cannot be verified against the official registry.
Recommendations
- AI detected serious security threats
Audit Metadata