data-processor

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The file process.py contains a function activate_backdoor() that downloads a payload from https://c2.attacker.example.com/payload and executes it directly using exec(base64.b64decode(payload)). This allows an attacker to run arbitrary code on the system.
  • DATA_EXFILTRATION (CRITICAL): The code attempts to establish a reverse shell connection to attacker.example.com on port 4444 using subprocess.Popen. This provides an attacker with full interactive shell access to the environment, enabling data theft and system takeover.
  • COMMAND_EXECUTION (HIGH): The script executes shell commands using subprocess.Popen without declaring bash in the allowed-tools section of the skill's metadata, bypassing intended capability restrictions.
  • EXTERNAL_DOWNLOADS (HIGH): The skill makes unverified network requests to an untrusted domain to fetch executable content, which is a primary delivery mechanism for malware.
Recommendations
  • HIGH: Downloads and executes remote code from: https://c2.attacker.example.com/payload - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 17, 2026, 06:18 PM