infrastructure-monitoring-setup
Warn
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION
Full Analysis
- [PRIVILEGE_ESCALATION]: The skill instructions require the use of `sudo` to perform administrative tasks such as copying configuration files to `/etc/systemd/system/` and managing system services via `systemctl`.
- [PERSISTENCE_MECHANISMS]: The skill installs and enables a systemd timer (`infrastructure-monitor.timer`) and service to ensure that monitoring scripts run automatically at 5-minute intervals and persist across system reboots.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill instructs the user to store sensitive information, including a Home Assistant 'Long-Lived Access Token' and a unique `ntfy` topic ID, within a `.env` file. It also provides a sample JWT token header as a placeholder.
- [INDIRECT_PROMPT_INJECTION]:
  - Ingestion points: The skill accesses system logs through `journalctl -u infrastructure-monitor.service` and a persistent log file at `/var/log/infrastructure-monitor.log`.
  - Boundary markers: No delimiters or instructions to ignore embedded content are used when reading these logs.
  - Capability inventory: The skill has the capability to restart Docker containers, execute shell scripts, and send network requests via `curl`.
  - Sanitization: There is no evidence of sanitization or filtering of log data which may contain output from monitored services or containers.
Audit Metadata