flightcontrol-config
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill processes untrusted external data (configuration files) and has high-privilege capabilities.
  - Ingestion points: Reads `flightcontrol.json` and `flightcontrol.cue` files from the user's workspace.
  - Boundary markers: None. There are no delimiters or instructions to ignore embedded commands within the processed configuration files.
  - Capability inventory: Modifies local configuration files and executes shell commands via `npx flightcontrol-validate`.
  - Sanitization: None. The skill does not validate or sanitize the content of the configuration files before passing them to the validation tool or reflecting them in its own logic.
- [Remote Code Execution] (HIGH): The skill explicitly instructs the agent to run `npx flightcontrol-validate <config-file>`.
  - Evidence: The `Validation` section mandates the use of `npx`, which downloads and executes code from the npm registry at runtime.
  - Risk: If an attacker can compromise the `flightcontrol-validate` package or perform a typosquatting attack, they could achieve code execution on the user's machine.
- [Command Execution] (MEDIUM): The skill uses subprocess calls to execute validation logic.
  - Evidence: `npx flightcontrol-validate <config-file>`.
  - Risk: While the command itself is parameterized, the underlying execution environment is exposed to the outputs and side effects of the validation tool.
Recommendations
- AI detected serious security threats
Audit Metadata