packaging-tauri-for-linux
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill includes a command in the `snapcraft.yaml` section that downloads a script from `https://sh.rustup.rs` and pipes it directly into the shell (`| sh`). This is a critical security risk as it executes unverified remote code without integrity checks.
- COMMAND_EXECUTION (MEDIUM): The instructions frequently utilize `sudo` for system-level operations such as `apt install`, `snap install`, and `snapcraft`. This encourages executing broad commands with elevated privileges on the host system.
- EXTERNAL_DOWNLOADS (LOW): The skill references and downloads external assets, including `.deb` packages from GitHub releases and the Rust toolchain, which introduces external dependencies into the build process.
- DATA_EXFILTRATION (LOW): The RPM packaging section involves exporting GPG secret keys to a local file (`private.key`) and storing a passphrase in an environment variable. While common for signing, this pattern risks accidental exposure of sensitive cryptographic material.
- PROMPT_INJECTION (LOW): The skill has an Indirect Prompt Injection surface (Category 8). It ingests untrusted configuration data from files like `flatpak-builder.yaml` and `PKGBUILD` to drive build commands (`npm`, `cargo`, `ar`). There are no boundary markers or sanitization steps to prevent malicious instructions embedded in these external build manifests from influencing agent behavior during the packaging process.
Recommendations
- HIGH: Downloads and executes remote code from: https://sh.rustup.rs - DO NOT USE without thorough review
- AI detected serious security threats