shell-command
Warn
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: MEDIUM
PROMPT_INJECTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions that explicitly direct the agent to override its standard operational protocols and to avoid seeking user confirmation during task execution, specifically stating that the rules in the document should override general model training.
- [COMMAND_EXECUTION]: The skill provides a comprehensive reference for executing shell commands with flags designed to bypass confirmation prompts and user interaction across various system tools and package managers.
- [CREDENTIALS_UNSAFE]: The documentation suggests an insecure practice for handling administrative privileges by piping passwords directly to sudo using 'echo "password" | sudo -S command', which can expose credentials in process lists or logs.
- [EXTERNAL_DOWNLOADS]: The skill provides patterns for fetching remote resources using 'curl' and 'wget' without incorporating verification steps or mentioning the risks of untrusted sources.
- [REMOTE_CODE_EXECUTION]: Guidance is provided for running code via package managers and language evaluators like 'python -c' and 'node -e' in non-interactive modes, which are common vectors for executing dynamically generated logic.