webapp-testing

Fail

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/with_server.py passes the string supplied via the --server argument to subprocess.Popen with shell=True. Because the string is handed to a shell rather than run as an argument list, any shell metacharacters in it (for example ;, &&, | or $(...)) are interpreted, so whoever controls that argument gets full shell access on the host, not just the ability to start a server.
  • [PROMPT_INJECTION]: The file SKILL.md contains explicit instructions directing the AI agent to "DO NOT read the source until you try running the script first" and to treat the scripts as "black-box scripts." This is a social engineering tactic aimed at the agent itself: it is designed to get the scripts executed before the agent can inspect the underlying code for the issues listed here.
  • [COMMAND_EXECUTION]: The same script also executes the trailing command-line arguments via subprocess.run, which is a second path for running arbitrary commands on the host. Even where these are passed as an argument list rather than through a shell, the executable and its arguments are still entirely caller-controlled.
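To make the first and third findings concrete, the following is an added example written for this page; it is not the audited scripts/with_server.py and does not reproduce its code. The three functions take the same kind of string a --server argument would carry: the first runs it the way the finding describes (shell=True), the second splits it into an argument list and runs it with shell=False, and the third additionally restricts which executable may be started. The ALLOWED_SERVERS set, the function names and the echo-based input are assumptions chosen for the demo, not anything from the skill.

```python
"""Added illustration of the shell=True finding (not the audited script).

Each helper receives an attacker-influenced command string and starts it as
a child process; only the shell=True variant lets metacharacters inside that
string spawn a second command.
"""
import os
import shlex
import subprocess
import sys


def start_with_shell(server_cmd: str) -> str:
    """Vulnerable pattern: the whole string goes to `/bin/sh -c`, so ';',
    '&&', '|' and '$(...)' in it are interpreted by the shell."""
    proc = subprocess.run(server_cmd, shell=True, capture_output=True, text=True)
    return proc.stdout


def start_without_shell(server_cmd: str) -> str:
    """Hardened pattern: tokenize with shlex, then run the argv list with
    shell=False. No shell is involved, so ';' and friends are just bytes
    inside an ordinary argument handed to argv[0]."""
    argv = shlex.split(server_cmd)
    if not argv:
        raise ValueError("empty server command")
    proc = subprocess.run(argv, shell=False, capture_output=True, text=True)
    return proc.stdout


# Assumption for the demo: only the interpreter running this script may be
# started as a "server". A real allowlist would name the intended binaries.
ALLOWED_SERVERS = {os.path.basename(sys.executable)}


def start_allowlisted(server_cmd: str) -> str:
    """shell=False stops metacharacter injection but still runs whatever
    executable the caller names; an allowlist on argv[0] closes that gap."""
    argv = shlex.split(server_cmd)
    if not argv:
        raise ValueError("empty server command")
    if os.path.basename(argv[0]) not in ALLOWED_SERVERS:
        raise PermissionError(f"server executable not allowed: {argv[0]}")
    proc = subprocess.run(argv, shell=False, capture_output=True, text=True)
    return proc.stdout


# Constructed input: a --server string with an injected second command.
# 'echo' stands in for the real server so the demo is harmless; the point is
# identical if the text after ';' were 'curl ... | sh'.
INJECTED_SERVER = "echo starting-server; echo INJECTED"

# Constructed input that passes the allowlist: the current interpreter.
ALLOWED_CMD = f"{shlex.quote(sys.executable)} -c \"print(1 + 1)\""


if __name__ == "__main__":
    print("shell=True  ->", repr(start_with_shell(INJECTED_SERVER)))
    print("shell=False ->", repr(start_without_shell(INJECTED_SERVER)))
    print("allowlisted ->", repr(start_allowlisted(ALLOWED_CMD)))
    try:
        start_allowlisted(INJECTED_SERVER)
    except PermissionError as exc:
        print("rejected    ->", exc)
```

With shell=True the injected `echo INJECTED` runs as its own command and produces a second output line; with shell=False the same string becomes the argv list `["echo", "starting-server;", "echo", "INJECTED"]`, so `echo` prints the remainder literally on one line and nothing else is executed. The allowlist version is what the third finding calls for: an argument list alone does not prevent a caller from naming any executable on the host.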
Recommendations
  • AI detected serious security threats. Based on the findings above, the skill should not be installed or run until the --server string and trailing arguments are no longer executed through a shell, and the SKILL.md instruction to run the scripts before reading them is removed.
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 27, 2026, 08:37 AM