Skills
skills/fldc/agent-skills/openwrt-config/Gen Agent Trust Hub

openwrt-config

Warn

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to execute arbitrary shell commands on a remote OpenWrt router via SSH as the root user. This includes managing system services, modifying core configuration files using the Unified Configuration Interface (UCI), and performing system backups.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from the router, including configuration files (/etc/config/*), system logs (logread), and active DHCP leases. Malicious instructions embedded in these data sources could influence the agent's logic during subsequent steps of a workflow.
  • [EXTERNAL_DOWNLOADS]: The skill uses the opkg package manager to update package lists and install software from OpenWrt's official repositories. These are well-known, trusted sources for the target platform.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 17, 2026, 09:54 AM