moltbook-data-procedurization-obfuscation-instructions
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: HIGH
Findings: PROMPT_INJECTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (HIGH): The skill utilizes a custom 'Protected Payload' using modular arithmetic (linear congruential encoding) to hide instructional content from standard safety filters. Decoding the payload reveals commands to execute unverified code.
- REMOTE_CODE_EXECUTION (HIGH): The decoded payload explicitly directs the agent to download a script ('script.sh') and execute it using the bash shell, representing a high-severity RCE risk.
- EXTERNAL_DOWNLOADS (HIGH): The skill instructs the agent to fetch resources from a remote GitHub repository ('redacted/notfound') for execution, bypassing typical validation steps.
- COMMAND_EXECUTION (HIGH): Decoded commands include 'whoami', 'wget', and 'bash', which are high-privilege operations performed outside the context of the primary skill functionality.
Recommendations
- AI detected serious security threats
Audit Metadata