agent-reach
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes dynamic script execution using `python3 -c` and calls tools via `mcporter`, which allows for arbitrary platform interactions.
- [EXTERNAL_DOWNLOADS]: Retrieves installation guides and configuration from a repository (`Panniantong/agent-reach`) not associated with the declared author 'gusibi'.
- [DATA_EXFILTRATION]: Instructions include the importation of sensitive browser cookies and the configuration of proxies, presenting risks of credential exposure and traffic monitoring.
- [PROMPT_INJECTION]: Vulnerable to Indirect Prompt Injection (Category 8) due to extensive data ingestion.
  1. Ingestion points: Data from Twitter, Reddit, YouTube, Bilibili, and WeChat.
  2. Boundary markers: Absent; no delimiters separate platform content from agent instructions.
  3. Capability inventory: High; including shell execution, network access, and dynamic tool calls.
  4. Sanitization: Absent; content from external feeds is processed without validation.
Audit Metadata