langgraph-state-management

Fail

Audited by Gen Agent Trust Hub on Feb 14, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The scripts/migrate_state.py utility executes arbitrary Python code from a file path supplied on the command line.
  • Evidence: load_migration_script in scripts/migrate_state.py calls importlib.util.spec_from_file_location on the user-supplied path and then spec.loader.exec_module(module), which runs the file's top-level code with the privileges of whoever runs the migration.
  • Risk: Anyone who can influence the script's command-line arguments, or replace the file at the path the operator will pass (for example through prompt injection into an agent that invokes the migration, or by placing a malicious file where the script is pointed), obtains code execution on the host.
  • [DATA_EXFILTRATION] (MEDIUM): The migration script reads agent state from SQLite checkpoint databases and writes it to standard output.
  • Evidence: migrate_all and _print_diff read checkpoint data and print the before/after differences to standard output.
  • Risk: Agent state commonly holds chat history, user data and transient secrets. Whatever is printed ends up in terminal scrollback, CI output and any log collector attached to the process, and can be read by anyone with access to those.
  • [REMOTE_CODE_EXECUTION] (HIGH): The script only targets local files, but loading and executing externally supplied logic is a primary RCE vector in agentic environments, where an agent or tool can be induced to supply the path.
  • Evidence: The same importlib and exec_module call on a user-supplied path described under COMMAND_EXECUTION.
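The following is an added example and not the project's code: it reconstructs the importlib pattern the two HIGH findings describe (spec_from_file_location followed by exec_module on a caller-supplied path) and places a hardened loader beside it. The real load_migration_script is not reproduced; the scripts directory layout, the hash manifest and the migrate() entry point are assumptions made for this example.

```python
"""Added example (not the project's code): the importlib pattern the audit flags,
beside a hardened loader.

load_migration_script_unsafe reconstructs the pattern described in the finding
(spec_from_file_location + exec_module on a caller-supplied path); the real
function is not reproduced. The scripts directory layout, the hash manifest and
the migrate() entry point are assumptions made for this example.
"""
import hashlib
import importlib.util
import tempfile
import types
from pathlib import Path


def load_migration_script_unsafe(path: str) -> types.ModuleType:
    """The flagged pattern: any readable .py path runs with the caller's privileges."""
    spec = importlib.util.spec_from_file_location("migration", path)
    module = importlib.util.module_from_spec(spec)
    spec.loader.exec_module(module)  # top-level code of the file executes here
    return module


class UntrustedMigrationError(ValueError):
    """Raised when a path fails the allowlist, type or hash checks."""


def load_migration_script(path: str, scripts_dir: Path, manifest: dict[str, str]) -> types.ModuleType:
    """Hardened form: run only a .py file inside scripts_dir whose SHA-256 is pinned in manifest.

    manifest maps the file name relative to scripts_dir to its expected hex digest;
    it is assumed to live in the repository and be reviewed like code.
    """
    scripts_dir = scripts_dir.resolve()
    candidate = Path(path).resolve()  # collapses ../ and follows symlinks before the check
    try:
        rel = candidate.relative_to(scripts_dir)
    except ValueError:
        raise UntrustedMigrationError(f"{path} is outside {scripts_dir}") from None
    if candidate.suffix != ".py" or not candidate.is_file():
        raise UntrustedMigrationError(f"{path} is not a migration file")
    expected = manifest.get(rel.as_posix())
    if expected is None:
        raise UntrustedMigrationError(f"{rel} is not listed in the migration manifest")
    digest = hashlib.sha256(candidate.read_bytes()).hexdigest()
    if digest != expected:
        raise UntrustedMigrationError(f"{rel} hash {digest} does not match the manifest")
    spec = importlib.util.spec_from_file_location(f"migrations.{candidate.stem}", str(candidate))
    module = importlib.util.module_from_spec(spec)
    spec.loader.exec_module(module)
    if not callable(getattr(module, "migrate", None)):
        raise UntrustedMigrationError(f"{rel} defines no migrate() entry point")
    return module


def demo() -> dict[str, str]:
    """Constructed scenario: one pinned migration under scripts/, one planted file outside it."""
    results: dict[str, str] = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        scripts = root / "scripts" / "migrations"
        scripts.mkdir(parents=True)
        good = scripts / "0001_rename_thread.py"
        good.write_text("def migrate(state):\n    state['thread'] = state.pop('thread_id')\n    return state\n")
        manifest = {good.name: hashlib.sha256(good.read_bytes()).hexdigest()}

        marker = root / "executed.marker"  # stands in for an attacker payload's side effect
        planted = root / "evil.py"
        planted.write_text(f"from pathlib import Path\nPath({str(marker)!r}).touch()\n")

        load_migration_script_unsafe(str(planted))  # the flagged pattern runs the planted file
        results["unsafe"] = "executed" if marker.exists() else "not executed"

        mod = load_migration_script(str(good), scripts, manifest)
        results["pinned"] = str(mod.migrate({"thread_id": "t1"}))

        for label, target in (("outside", planted), ("traversal", scripts / ".." / ".." / "evil.py")):
            try:
                load_migration_script(str(target), scripts, manifest)
                results[label] = "loaded"
            except UntrustedMigrationError:
                results[label] = "rejected"

        good.write_text(good.read_text() + "# tampered after review\n")
        try:
            load_migration_script(str(good), scripts, manifest)
            results["tampered"] = "loaded"
        except UntrustedMigrationError:
            results["tampered"] = "rejected"
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

The hardened loader resolves the path before comparing it with the allowed directory, so `../` segments and symlinks cannot escape the allowlist, and the hash pin means a file that is swapped or edited after review is refused even though it sits in the right place. Neither check helps if the migration is invoked with agent-chosen arguments from a tool call; the allowlist limits what can run, not who decides to run it.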
Recommendations
  • AI detected serious security threats; treat the migration utility as privileged tooling rather than a routine script.
  • Restrict load_migration_script to files under a fixed, repository-controlled migrations directory: resolve the supplied path, reject anything outside that directory, and pin each accepted file by hash so a replaced or edited file is refused.
  • Never invoke scripts/migrate_state.py from an agent tool call with agent-chosen arguments, since the path argument is the code that runs.
  • In _print_diff and migrate_all, print which keys changed rather than raw values, mask secret-looking values, and avoid running migrations where standard output is captured to shared logs.
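The DATA_EXFILTRATION finding above turns on _print_diff writing raw checkpoint contents to standard output. The following is an added example and not the project's _print_diff: a stand-in that diffs two checkpoints per leaf field and redacts before anything is printed. The two checkpoints are constructed sample data, and the key-name and value patterns are assumptions to be adapted to the real state schema.

```python
"""Added example (not the project's _print_diff): redacting checkpoint state before it is printed.

The two checkpoints below are constructed sample data; the key-name and value
patterns are assumptions that should be adapted to the real state schema.
"""
import json
import re
from typing import Any

# Keys whose values are never shown, wherever they appear in the state (assumed names).
SENSITIVE_KEYS = re.compile(r"(token|secret|password|api[_-]?key|authorization|cookie)", re.I)
# Values that look like credentials even under an innocent key name (assumed formats).
SECRET_VALUE = re.compile(r"(sk-[A-Za-z0-9]{8,}|Bearer\s+\S+|AKIA[0-9A-Z]{16}|ghp_[A-Za-z0-9]{20,})")
MAX_TEXT = 40  # characters of free text (e.g. chat messages) shown per value

_MISSING = object()


def redact(path: str, value: Any) -> str:
    """Printable rendering of one leaf: secrets masked, long text truncated."""
    if SENSITIVE_KEYS.search(path):
        return "<redacted>"
    if isinstance(value, str):
        if SECRET_VALUE.search(value):
            return "<redacted>"
        if len(value) > MAX_TEXT:
            return value[:MAX_TEXT] + f"... (+{len(value) - MAX_TEXT} chars)"
        return value
    return json.dumps(value, default=str)


def flatten(obj: Any, prefix: str = "") -> dict[str, Any]:
    """Flatten nested dicts and lists into dotted leaf paths so the diff is per field."""
    out: dict[str, Any] = {}
    if isinstance(obj, dict):
        for k, v in obj.items():
            out.update(flatten(v, f"{prefix}.{k}" if prefix else str(k)))
    elif isinstance(obj, list):
        for i, v in enumerate(obj):
            out.update(flatten(v, f"{prefix}[{i}]"))
    else:
        out[prefix] = obj
    return out


def diff_states(old: dict, new: dict) -> list[tuple[str, str, str]]:
    """Changed leaves as (path, old_rendering, new_rendering); unchanged data is never emitted."""
    a, b = flatten(old), flatten(new)
    rows = []
    for path in sorted(set(a) | set(b)):
        if a.get(path, _MISSING) != b.get(path, _MISSING):
            before = redact(path, a[path]) if path in a else "<absent>"
            after = redact(path, b[path]) if path in b else "<absent>"
            rows.append((path, before, after))
    return rows


def print_diff(old: dict, new: dict) -> str:
    """Safe replacement for printing raw checkpoints: prints and returns the redacted diff."""
    lines = [f"{path}: {before} -> {after}" for path, before, after in diff_states(old, new)]
    text = "\n".join(lines)
    print(text)
    return text


# Constructed sample checkpoints: a thread_id -> thread rename, new messages and a rotated key.
OLD_STATE = {
    "thread_id": "t-17",
    "messages": [
        {"role": "user", "content": "Please update my billing address to 12 Example Road, Springfield."},
    ],
    "config": {"api_key": "sk-abcdef1234567890", "model": "model-a"},
}
NEW_STATE = {
    "thread": "t-17",
    "messages": [
        {"role": "user", "content": "Please update my billing address to 12 Example Road, Springfield."},
        {"role": "assistant", "content": "Your billing address has been updated to 12 Example Road, Springfield. Anything else?"},
        {"role": "tool", "content": "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.e30.c2ln"},
    ],
    "config": {"api_key": "sk-zyxwvu0987654321", "model": "model-b"},
}

if __name__ == "__main__":
    print_diff(OLD_STATE, NEW_STATE)
```

Three layers do the work: the key-name allow/deny decision catches fields such as config.api_key regardless of value, the value pattern catches credentials that land in free text (a tool result carrying a bearer token), and truncation keeps chat history from being copied wholesale into logs. Unchanged fields are not printed at all, which is the single largest reduction in what leaves the process.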
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 14, 2026, 04:00 PM