Skills
skills/k-dense-ai/claude-scientific-skills/matlab/Gen Agent Trust Hub

matlab

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [External Downloads & Remote Code Execution] (HIGH): The file references/octave-compatibility.md instructs users to install packages from arbitrary URLs via pkg install, which allows for the execution of untrusted remote code.
  • [Indirect Prompt Injection] (HIGH): The documentation extensively demonstrates unsanitized interpolation of variables into executable command strings. Mandatory Evidence Chain: 1. Ingestion points: Bash variables in references/executing-scripts.md and Python variables in references/python-integration.md. 2. Boundary markers: Absent. 3. Capability inventory: matlab -batch, octave --eval, pyrun, pyrunfile, and requests.get. 4. Sanitization: Absent. These patterns allow malicious data to escape string boundaries and execute arbitrary logic.
  • [Dynamic Execution] (MEDIUM): references/python-integration.md documents the use of pyrun and pyrunfile for runtime execution of Python code, which can be used to execute dynamic or obfuscated payloads.
  • [Privilege Escalation] (LOW): references/executing-scripts.md provides examples of using chmod +x to grant execution permissions to files.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 04:10 AM