farm-monitor

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill directs users to clone a repository from an untrusted source (https://github.com/braiins/farm-monitor.git). This organization and repository are not within the established trust scope, posing a risk of malicious code distribution.
  • COMMAND_EXECUTION (HIGH): The setup instructions require running docker compose up -d, which executes third-party containers. This provides a direct mechanism for executing arbitrary code from the untrusted repository on the user's infrastructure.
  • CREDENTIALS_UNSAFE (LOW): The documentation contains hardcoded default credentials (root/root). While used as examples, they encourage insecure deployment practices and potential unauthorized access if not changed by the user.
  • PROMPT_INJECTION (HIGH): The skill ingests untrusted external content from GitHub issues and releases (Category 8: Indirect Prompt Injection). Since the skill is designed to assist with management and troubleshooting using high-privilege tools like Docker, an attacker could embed malicious instructions in an issue that an agent might later interpret as valid operational commands.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 08:17 AM