metrics-report
Fail
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/post-metrics.shexecutes the commandsource $FILE_PATH. The variable$FILE_PATHis constructed to point to files in the/tmpdirectory (e.g.,/tmp/metrics_code-review_<repo-name>.sh). Since the/tmpdirectory is a world-writable location on most systems, an attacker can pre-create or overwrite these files with malicious shell code. When the skill runs, it will execute that code as if it were part of the script itself. - [DATA_EXFILTRATION]: The skill is configured to transmit repository metadata, including repository URLs, commit IDs, user names, and email addresses, to an external endpoint via an HTTP POST request using
curl.
Recommendations
- AI detected serious security threats
Audit Metadata