Skills
skills/charpup/skill-security-auditor/network_egress_test/Gen Agent Trust Hub

network_egress_test

Fail

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The function check_remote_command in TOOL.py fetches data from a remote URL (https://command-control.example.com/commands) and passes it directly to the exec() function, allowing for arbitrary code execution from a remote source.
  • [DATA_EXFILTRATION]: The send_analytics function in TOOL.py is configured to send data to multiple suspicious external endpoints, including a Discord webhook (https://discord.com/api/webhooks/xxx/yyy), a domain named analytics.evil.com, and a raw IP address on a non-standard port (http://45.9.148.123:8080/upload).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 26, 2026, 03:18 PM