network-tools
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill enables high-privilege operations including process termination (
kill -9,fuser -k) and network interface reconfiguration (ip addr,ip link). If triggered by untrusted user input, these can lead to system instability or Denial of Service. - [DATA_EXFILTRATION] (MEDIUM): Provides packet capture capabilities via
tcpdump. Using flags like-Aor-Xallows the agent to read and potentially exfiltrate sensitive plaintext data (credentials, cookies) from the network stream. - [COMMAND_EXECUTION] (MEDIUM): Support for
curlandwgetallows arbitrary outbound network requests. This presents a vulnerability surface for Server-Side Request Forgery (SSRF) where an attacker could probe internal networks or exfiltrate data via HTTP. - [CREDENTIALS_UNSAFE] (LOW): Code examples include passing authentication tokens and passwords directly in command-line arguments (
curl -u,Authorization: Bearer), which is a security anti-pattern as it risks exposing secrets in system logs or shell history.
Recommendations
- AI detected serious security threats
Audit Metadata