Skills
skills/azzgo/agent-skills/aria2-json-rpc/Gen Agent Trust Hub

aria2-json-rpc

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [Data Exposure] (HIGH): The skill manages RPC authentication secrets stored at ~/.config/aria2-skill/config.json, which is a sensitive file path for credential storage.
  • [Indirect Prompt Injection] (HIGH): The skill handles untrusted URIs and torrent files, which can be used to execute malicious download tasks. 1. Ingestion points: add-torrent.py (torrent files) and rpc_client.py (URIs). 2. Boundary markers: Absent; no delimiting or 'ignore' instructions for external content are provided in prompts. 3. Capability inventory: The skill can perform arbitrary network requests and write files via the aria2 service. 4. Sanitization: Absent; external input is passed directly to the rpc client methods.
  • [Unverifiable Dependencies] (LOW): The skill recommends the installation of the websockets package for optional monitoring features, which is a standard PyPI dependency.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 07:32 AM