slides

Warn

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill frequently uses the Bash tool to execute complex shell commands, including launching Google Chrome in headless mode for screenshots, running Python scripts via python3 -c, and using ffmpeg for video assembly.
  • [DATA_EXFILTRATION]: Multiple hardcoded absolute file paths (e.g., /Users/lifcc/Desktop/code/work/life/xhh/) are present throughout the file. This exposes the author's local directory structure and username, posing a privacy risk and potentially leading to file access errors on other systems.
  • [REMOTE_CODE_EXECUTION]: The workflow relies on the dynamic generation and execution of Python scripts and shell loops at runtime. These scripts handle image processing, file manipulation, and data serialization (JSON) based on content generated or retrieved by the agent.
  • [EXTERNAL_DOWNLOADS]: The skill references external CSS files that load Google Fonts (Noto Sans SC and Space Grotesk) from a CDN, which requires an active network connection during the screenshot process.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 19, 2026, 07:18 AM