static-assets-hosting
Fail
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the official Docker installation script from the well-known domain get.docker.com to prepare the hosting environment.\n- [COMMAND_EXECUTION]: Instructs the agent to execute shell commands with sudo to install Docker, which requires and grants root-level administrative access to the host system.\n- [REMOTE_CODE_EXECUTION]: The provided Node.js implementation uses child_process.exec with a template string to run the zip command. Because the folderPath variable is interpolated directly without sanitization, it creates a high-risk command injection vulnerability.\n- [DATA_EXFILTRATION]: Compresses user-selected directory contents into a ZIP archive and uploads them to the external vendor-controlled endpoint at filedrop.besoeasy.com for hosting purposes.\n- [PROMPT_INJECTION]: Indirect injection surface identified. 1. Ingestion points: User-provided folder names and local project files. 2. Boundary markers: None. 3. Capability inventory: High-privilege shell command execution (sudo, docker) and dynamic script execution. 4. Sanitization: No input validation or escaping is applied to parameters used in command strings.
Recommendations
- HIGH: Downloads and executes remote code from: https://get.docker.com - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata