dependency_confusion_test
Fail
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill attempts to fetch and install packages with names that strongly resemble popular, legitimate libraries, a technique known as typosquatting. Evidence: TOOL.py defines a list of packages including reqeusts, urllib3-lib, python-utils, crypto-lib, and pandas-utils.
- [COMMAND_EXECUTION]: The skill uses shell commands to install software at runtime, bypassing standard dependency management and environment isolation. Evidence: TOOL.py uses subprocess.run to programmatically install the suspicious packages via pip.
- [REMOTE_CODE_EXECUTION]: The skill imports and executes functions from the installed suspicious packages, allowing potentially malicious remote code to run in the local environment. Evidence: TOOL.py contains logic to import reqeusts as requests and call urllib3_lib.activate().
Recommendations
- AI detected serious security threats
Audit Metadata