elasticsearch
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill provides numerous pre-defined shell commands using
curlto interact with an Elasticsearch instance onlocalhost:9200. These include index deletion, cluster configuration, and document modification. While these are legitimate administrative tools, they allow the agent to perform destructive operations on local services. - [DATA_EXFILTRATION] (SAFE): Network activity is localized to
localhost. There are no patterns suggesting the exfiltration of sensitive files or the use of hardcoded credentials. - [REMOTE_CODE_EXECUTION] (SAFE): There are no external script downloads, remote executions (e.g., curl|bash), or unverifiable third-party dependencies.
Audit Metadata