pstop
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides tools for process termination via
pstop killand describes how to set up persistent resource monitoring using thelanchrutility. - [DATA_EXFILTRATION]: The skill can access and read sensitive system diagnostic logs and crash reports located in
/Library/Logs/DiagnosticReports/, which may contain sensitive system state information or memory segments. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted process metadata.
- Ingestion points: Tool output from
pstop topandpstop list(stdout). - Boundary markers: There are no boundary markers or instructions to ignore embedded commands within the process names or arguments.
- Capability inventory: The agent has high-impact capabilities including process termination (
pstop kill), file reading (pstop crashes info), and network/port inspection (pstop info). - Sanitization: No sanitization or validation of the process metadata is performed before the agent processes it.
- [EXTERNAL_DOWNLOADS]: The skill suggests installing the
pstoptool from an external Homebrew tap (lu-zhengda/tap/pstop).
Audit Metadata