harmonyos-dev
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The initialization workflow in `SKILL.md` executes `node scripts/check_env.cjs`. This script is identified as a core resource but is not included in the provided source files, constituting the execution of unverifiable code.
- [COMMAND_EXECUTION] (HIGH): The `references/agency-workflow.md` file defines a framework for autonomous execution using the `// turbo-all` directive. This pattern encourages the agent to execute terminal commands found in task files without human intervention, which is a high-risk operational pattern.
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill utilizes `ohpm install` to download dependencies from external registries. These packages are not pinned to specific hashes and could serve as a vector for supply chain attacks.
- [DYNAMIC_EXECUTION] (MEDIUM): The `CMakeLists.txt` file in the Native C++ template includes a dynamic `include(${PACKAGE_FIND_FILE})` directive. This allows for the inclusion and execution of arbitrary CMake logic if the variable is controlled by an attacker.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes user-provided `.ets` and `.ts` files via the `codelinter` tool. While part of the primary workflow, this represents a surface for indirect prompt injection.
  - Ingestion points: User-edited source files.
  - Boundary markers: None.
  - Capability inventory: Shell command execution (`ohpm`, `node`, `git`), file system operations (`xcopy`).
  - Sanitization: Not implemented.
Recommendations
- AI detected serious security threats
Audit Metadata