PocketBase Hooks
Warn
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The documentation provides instructions on using the
$os.exec()global object to run shell commands, including examples likels -la /tmp. This methodology allows the agent to interact directly with the host operating system.- [EXTERNAL_DOWNLOADS]: The guide details methods for fetching remote content, such as$filesystem.fileFromURL()for downloading files and$http.send()for performing outbound network requests, enabling the retrieval of external data.- [DATA_EXFILTRATION]: The skill documents how to access sensitive application data, including database records and authentication information. These access patterns, when paired with the documented HTTP client, establish a functional pathway for moving sensitive data to external servers.
Audit Metadata