crowdsec
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references an installation script from packagecloud.io, a well-known service for hosting package repositories, to provide the official installation method for CrowdSec. Evidence:
curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | sudo bashin SKILL.md.\n- [COMMAND_EXECUTION]: Multiple administrative commands are documented for managing the security agent, viewing alerts, and modifying firewall decisions using sudo. Evidence:sudo cscli decisions add,sudo cscli alerts list, andsudo systemctl reload crowdsecacross SKILL.md and references/configuration.md.\n- [PROMPT_INJECTION]: The skill documents the ingestion of external log sources via acquis.yaml, creating a potential surface for indirect prompt injection through log manipulation.\n - Ingestion points: Log filenames and journald filters defined in references/configuration.md.\n
- Boundary markers: No explicit markers or delimiters are described for separating untrusted log content from agent instructions.\n
- Capability inventory: The skill documents the capability to perform system-level actions such as banning IPs or reloading services via sudo cscli and systemctl.\n
- Sanitization: Relies on the CrowdSec agent's internal parser logic to validate and normalize external data.
Audit Metadata