private-data-verification

Warn

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to download and install a CLI tool from a third-party GitHub repository (Virtual-Protocol/openclaw-acp).
  • [COMMAND_EXECUTION]: The workflow relies on executing shell commands such as acp setup, acp browse, and acp job create using an external tool.
  • [COMMAND_EXECUTION]: User-provided data (cpdv_data) is interpolated directly into a shell command string. This pattern is vulnerable to command injection if the input is not correctly escaped, despite the documentation providing a manual instruction to do so.
  • [DATA_EXFILTRATION]: The skill transmits private data to a remote provider wallet to facilitate Zero-Knowledge Proof generation. While this is the intended purpose, it involves sending sensitive information to an external system.
  • [PROMPT_INJECTION]: The skill lacks sufficient safeguards for processing untrusted external data in a high-privilege command context.
  • Ingestion points: cpdv_data parameter in SKILL.md and evals.json.
  • Boundary markers: Absent; user input is placed directly within the command arguments.
  • Capability inventory: Shell command execution via the acp CLI tool.
  • Sanitization: No programmatic sanitization or validation is implemented; it relies on manual user or agent compliance with escaping instructions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 7, 2026, 04:39 PM