network
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill facilitates the execution of powerful system utilities such as `tcpdump`, `openssl`, `nc`, and `curl`. Many of these tools typically require root or sudo privileges (e.g., `tcpdump` for raw socket access). An agent could use these to perform unauthorized reconnaissance, disrupt connectivity, or modify system network configurations.
- [CREDENTIALS_UNSAFE] (HIGH): The Nginx configuration template provided in `SKILL.md` explicitly points to a sensitive private key path: `/etc/ssl/private/api.key`. If an agent is permitted to implement or 'debug' this configuration, it might attempt to read, display, or exfiltrate the contents of this key.
- [DATA_EXFILTRATION] (HIGH): The `tcpdump` commands (especially `tcpdump -i any -A`) capture network packet content in ASCII format. This can expose passwords, session tokens, and other PII transmitted over unencrypted protocols (HTTP, Telnet). Combined with `curl`, an attacker could exfiltrate this captured data to a remote endpoint.
- [INDIRECT_PROMPT_INJECTION] (HIGH): The skill is designed to ingest and analyze data from untrusted external sources (network traffic via `tcpdump` and HTTP responses via `curl`).
  - Ingestion points: Output from `curl` requests and live network traffic captured by `tcpdump`.
  - Boundary markers: None present. The agent processes raw command output directly.
  - Capability inventory: Shell execution (bash), sensitive file path access (SSL keys), and network transmission (curl).
  - Sanitization: No sanitization or filtering logic is provided for the data processed by the agent.
Recommendations
- AI detected serious security threats