infrastructure-backup-restore

Warn

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes sudo to perform high-privilege operations, including modifying user groups (usermod), managing systemd service files in /etc/systemd/system/, and accessing protected Docker volume data in /var/lib/docker/volumes/.
  • [DATA_EXFILTRATION]: The skill's procedures copy sensitive .env files and Docker volume contents, which are known to contain API tokens (Cloudflare, Google OAuth), passwords, and webhook secrets, into backup archives.
  • [EXTERNAL_DOWNLOADS]: Fetches the official Docker installation script from https://get.docker.com and executes it. This is a well-known service used for infrastructure provisioning.
  • [PROMPT_INJECTION]: The skill processes untrusted infrastructure configuration files and has the capability to execute commands based on their content via docker compose or shell operations.
      • Ingestion points: Reads configuration files from /home/dawiddutoit/projects/network/.
      • Boundary markers: Absent.
      • Capability inventory: High-privilege shell execution (sudo), service management (docker compose), and file system manipulation.
      • Sanitization: Absent; files are processed and archived without validation.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 24, 2026, 05:23 PM