update-services
Fail
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE]: The documentation in
references/update-ollama.mdinstructs the agent to explicitly ask the user for their root or sudo password.\n- [COMMAND_EXECUTION]: The skill provides execution templates inreferences/update-ollama.mdthat useecho '[password]' | sudo -S, which is an insecure practice that exposes plain-text passwords in process lists and command history.\n- [REMOTE_CODE_EXECUTION]: The scriptscripts/install_ollama.shdownloads and executes the Ollama installation script fromhttps://ollama.com/install.shby piping the output of curl directly to the shell.\n- [COMMAND_EXECUTION]: The scriptscripts/install_ollama.shperforms administrative tasks including modifying theollama.servicefile in/etc/systemd/system/and reloading the systemd daemon.\n- [COMMAND_EXECUTION]: The scriptscripts/install_ollama.shincorporates user-provided environment variables into asedcommand that modifies a system service file, which presents a risk of configuration injection.\n- [COMMAND_EXECUTION]: The scriptscripts/update_opencode.shruns Docker containers using the--network=hostflag, which reduces container isolation and exposes the host network stack.\n- [EXTERNAL_DOWNLOADS]: Fetches the installation script from Ollama's official domain and pulls Docker images from the GitHub Container Registry.
Recommendations
- HIGH: Downloads and executes remote code from: https://ollama.com/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata