Linux Privilege Escalation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): The skill uses a highly dangerous pattern (
curl | sh) to download and execute code from an untrusted GitHub repository (carlospolop/PEASS-ng). This grants the remote source full control over the agent's execution environment. - Command Execution (HIGH): The specific script being executed,
linpeas.sh, is a privilege escalation tool. Its use indicates an attempt to discover and exploit system-level vulnerabilities.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata