roster-server
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill dynamically loads and executes JavaScript modules located in the 'wwwPath' directory. It uses the filesystem structure to determine which 'index.js' handlers to load and run for each hosted domain, representing a dynamic loading pattern from computed paths.
- [COMMAND_EXECUTION]: The server is designed to bind to network ports, including privileged ports 80 and 443 in production environments, to manage web traffic and SSL certificate validation.
- [EXTERNAL_DOWNLOADS]: In production mode, the server communicates with Let's Encrypt, a well-known certificate authority, to automate the acquisition and renewal of SSL/TLS certificates.
Audit Metadata