skills/g36maid/ctf-arsenal/misc-tools/Gen Agent Trust Hub

misc-tools

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The file 'references/linux_commands.md' includes commands for establishing reverse shells ('nc -e /bin/bash') and bind shells ('socat EXEC:/bin/bash'). While common in CTF scenarios, these are high-risk command patterns.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): Documentation recommends installing numerous system packages and Python libraries via 'apt-get' and 'pip'. It also includes 'curl' and 'wget' commands targeting non-whitelisted domains like 'target.com'.
  • [COMMAND_EXECUTION] (MEDIUM): The file 'references/linux_commands.md' includes privilege escalation reconnaissance commands such as 'sudo -l' and SUID bit searches ('find / -perm -4000').
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted external data (Brainfuck code, images, audio) using system binaries and Python scripts. Evidence Chain:
    1. Ingestion points: 'bf_decode.py' (file reading), 'qr_scan_all.sh' (image globbing), 'spectrogram.sh' (audio file input).
    2. Boundary markers: No explicit delimiters are used in the provided code snippets to isolate processed data from instructions.
    3. Capability inventory: Use of 'subprocess.run' in Python and direct shell execution of 'zbarimg', 'sox', and 'ffmpeg'.
    4. Sanitization: Input is checked for file existence but lacks rigorous sanitization before being passed to system command arguments.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:30 PM