waf-setup
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill invokes local command-line tools including
awsCLI for WAF ACL creation andcurlfor interacting with the Cloudflare API. While these are standard administrative tasks, they require execution privileges on the host system.\n- [EXTERNAL_DOWNLOADS] (LOW): The skill performs agit cloneof the OWASP ModSecurity Core Rule Set from GitHub. Although this is a trusted security resource, downloading and deploying external rulesets at runtime is an external dependency risk.
Audit Metadata