traffic-analysis

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Primary Category: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill uses tools such as tcpdump, tshark, ngrep, iftop, and nethogs, which require raw socket access and elevated (root/sudo) privileges to function correctly.
  • [COMMAND_EXECUTION] (HIGH): Includes instructions to install system-wide software via apt install, allowing the agent to modify the system state and expand its attack surface.
  • [DATA_EXPOSURE] (HIGH): Provides specific patterns for intercepting sensitive information, such as ngrep -q 'password' port 80 and extraction of HTTP headers, which may contain credentials or PII in unencrypted traffic.
  • [PRIVILEGE_ESCALATION] (MEDIUM): While the commands do not explicitly prepend sudo, the nature of the tools listed implies a requirement for administrative access, which may lead an agent to attempt privilege escalation to execute them.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 10:37 AM