certbot
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructs the agent to perform administrative tasks using 'sudo' in SKILL.md. These commands include system-level software installation ('sudo snap install --classic certbot'), filesystem modifications ('sudo ln -s /snap/bin/certbot /usr/bin/certbot'), and the modification of web server configurations ('sudo certbot --nginx'). Executing these commands grants the agent full root access to the underlying system.
- [EXTERNAL_DOWNLOADS] (LOW): The skill instructs the installation of 'certbot' via Snap. While Snap is a trusted repository, downloading and installing software at runtime introduces potential supply chain risks if the package manager itself is compromised or if an incorrect package name is used.
Recommendations
- AI detected serious security threats
Audit Metadata