server-status
Fail
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use sudo for administrative commands (systemctl, journalctl), granting high-level privileges on the host system.
- [COMMAND_EXECUTION]: Includes instructions to read system-level configuration files (/etc/systemd/system/nautilus-trader.service) which can contain sensitive environmental variables or internal service logic.
- [COMMAND_EXECUTION]: Exposes infrastructure reconnaissance data, including a hardcoded IP address (139.180.157.152), a specific username (linuxuser), and absolute file paths within the user's home directory.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the monitoring of service logs (journalctl).
  - Ingestion points: Log data from the nautilus-trader service.
  - Boundary markers: None present; logs are read and processed directly.
  - Capability inventory: The agent has access to sudo and system-level file reading via the provided commands.
  - Sanitization: No sanitization or validation of log content is specified before processing.
Recommendations
- AI detected serious security threats
Audit Metadata