lanchr
Warn
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
lanchrCLI tool to perform administrative tasks on system services, including listing, searching, and force-restarting processes. It also includes an inline shell command to check the installation status of the tool. - [COMMAND_EXECUTION]: Using
lanchr create, the agent can specify arbitrary scripts or binaries to be executed by the system's service manager (launchd). These can be configured to run at login, on intervals, or according to calendar schedules. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external sources that it does not control. Malicious instructions could be embedded in service logs or configuration files to manipulate the agent's diagnostics.
- Ingestion points: Service logs retrieved via
lanchr logsand property list (plist) data read vialanchr infoorlanchr doctor. - Boundary markers: The skill does not define clear delimiters or instructions for the agent to ignore embedded commands in the processed data.
- Capability inventory: The agent has broad access to the
lanchrtoolset, enabling it to create, modify, and delete system persistence mechanisms and execute scripts. - Sanitization: There is no evidence of sanitization or validation of the log content or plist metadata before it is presented to the agent for analysis.
- [REMOTE_CODE_EXECUTION]: The
lanchr loadandlanchr importcommands enable the loading of service definitions from arbitrary file paths or portable JSON bundles. These configurations define the executables and arguments that the system will run. - [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to download and install the
lanchrutility from the author's GitHub-hosted Homebrew tap (lu-zhengda/tap/lanchr).
Audit Metadata