adguard-home

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGH (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses sudo extensively over SSH to restart services, view system logs, and perform binary updates (sudo ./AdGuardHome --update), which requires high-level system privileges.
  • [DATA_EXFILTRATION]: The skill reads the main configuration file /opt/AdGuardHome/AdGuardHome.yaml via cat over SSH. This file contains sensitive server settings, network configurations, and potentially credentials.
  • [PROMPT_INJECTION]: The skill processes DNS query logs from the AdGuard Home API, which can contain attacker-controlled domain names, presenting an indirect prompt injection risk.
    • Ingestion points: Data is fetched from the /control/querylog endpoint via scripts/adguard_api.py.
    • Boundary markers: No explicit delimiters or warnings to ignore embedded instructions are present in the processing logic.
    • Capability inventory: The skill can execute SSH commands with sudo, modify DNS filtering rules, and update system binaries.
    • Sanitization: No sanitization or validation of the ingested query log data is described.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 15, 2026, 11:08 AM