cloud-init-coder
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- Remote Code Execution (HIGH): The 'Download Files' section contains a template that uses 'curl' to fetch a script from 'https://example.com/setup.sh' and immediately executes it via 'runcmd' as root. This 'download then execute' pattern from a non-trusted domain is a high-severity security risk.
- Indirect Prompt Injection (LOW): The skill demonstrates interpolation of external variables (e.g., Terraform variables) into sensitive system configurations without providing sanitization or boundary delimiters.
  * Ingestion points: Terraform variable interpolation in 'SKILL.md'.
  * Boundary markers: Absent.
  * Capability inventory: 'runcmd' (arbitrary commands), 'write_files' (file creation), and 'users' management.
  * Sanitization: Absent.
- Command Execution (SAFE): The use of system management tools such as 'systemctl', 'ufw', and 'sed' for hardening and service configuration is consistent with the primary purpose of the skill and represents standard provisioning practice.
Recommendations
- HIGH: Downloads and executes remote code from: https://example.com/setup.sh - DO NOT USE without thorough review
- AI detected serious security threats