open-application
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to construct and execute a shell command using unvalidated user input.
  - Evidence: Step 3 of the procedure explicitly tells the agent to 'Execute the open command: open -a {{APPLICATION_NAME}}', where 'APPLICATION_NAME' is a parameter provided by the user. An attacker could provide a malicious string containing shell metacharacters (e.g., 'Mail; rm -rf /') to execute arbitrary commands on the system.
Audit Metadata