picocom
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [Privilege Escalation] (HIGH): The guide instructs users to execute commands with
sudoforsocatandfuser. Critically, it recommendssudo usermod -a -G dialout $USER, which performs a persistent modification of user permissions to grant access to hardware devices. - [Data Exposure] (MEDIUM): The documentation suggests logging real-time serial I/O to
/tmp/serial_session.log. Since/tmpis often world-readable, and serial sessions may contain passwords, SSH keys, or configuration data, this creates a high risk of local data exposure. - [Indirect Prompt Injection] (LOW): The skill is designed to ingest and display raw data from external hardware devices.
- Ingestion points: Serial device input read via
serial_helper.pyorcat /dev/ttyUSB0. - Boundary markers: None specified in the documentation to distinguish device output from agent instructions.
- Capability inventory: The guide demonstrates the ability to execute system commands like
socat,picocom, andfuser. - Sanitization: No evidence of sanitization for device-provided content before it is processed or displayed.
- [Command Execution] (LOW): The skill relies on the execution of several host-level binaries (
tail,cat,screen,socat,picocom) to perform its primary function of monitoring hardware interfaces.
Recommendations
- AI detected serious security threats
Audit Metadata