Skills
skills/dauquangthanh/hanoi-rainbow/system-migration/Gen Agent Trust Hub

system-migration

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION] (MEDIUM): The file references/system-configuration-migration.md includes scripts that access sensitive directories such as /etc/, /home/*/.ssh/, and /root/.ssh/. While necessary for migration, this exposes credentials to the agent's context. Severity downgraded from HIGH due to primary skill purpose.
  • [COMMAND_EXECUTION] (MEDIUM): The migration templates involve using ssh root@ and system package managers (yum), which require full administrative control. Severity downgraded from HIGH due to primary skill purpose.
  • [PROMPT_INJECTION] (LOW): The skill presents an indirect prompt injection surface (Category 8).
  • Ingestion points: System configuration files and SSH directories read in references/system-configuration-migration.md.
  • Boundary markers: Absent.
  • Capability inventory: SSH, SCP, TAR, and system service management via systemctl.
  • Sanitization: None; files are archived and transferred without content validation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:13 PM