iotnet
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [Privilege Escalation] (HIGH): The skill explicitly instructs the agent to execute commands using `sudo` for live network captures (e.g., `sudo iotnet -i eth0 -d 30`). This grants the tool root-level access to the host system.
- [Unverifiable Dependencies] (MEDIUM): The skill relies on an external binary located in the `iothackbot` directory. The source, integrity, and safety of this 'iothackbot' suite cannot be verified, which is a major security risk when combined with elevated privileges.
- [Indirect Prompt Injection] (HIGH): This skill exhibits a high-risk attack surface for indirect prompt injection.
  - Ingestion points: Processes untrusted network traffic and packet capture (PCAP) files.
  - Boundary markers: None present; the skill treats all packet data as legitimate input for its analysis engine.
  - Capability inventory: Executes shell commands with `sudo` privileges via the `iotnet` binary.
  - Sanitization: No evidence of sanitization for packet contents or BPF filters provided by users.
- [Command Execution] (HIGH): The skill executes arbitrary commands on the host system, including parameters like `--config`, which could potentially be used to point to malicious configuration files or trigger path traversal vulnerabilities.
Recommendations
- AI detected serious security threats
Audit Metadata