pm2
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [Persistence Mechanisms] (MEDIUM): The skill details how to use
pm2 startupandpm2 saveto configure processes that automatically start upon system reboot, which is a method of maintaining persistent access. - [Privilege Escalation] (MEDIUM): Documentation explicitly mentions that the
pm2 startupcommand may requiresudoor administrator privileges to modify system services. - [Unverifiable Dependencies] (MEDIUM): Recommends the installation of external modules via
pm2 install pm2-logrotate, which downloads and executes code from external registries. - [Dynamic Execution] (MEDIUM): Facilitates the execution of arbitrary JavaScript through the use of
ecosystem.config.cjsfiles and one-line Node.js scripts vianode -e. - [Indirect Prompt Injection] (LOW): The skill demonstrates parsing command output (
pm2 jlist) which could ingest untrusted data if process metadata or logs are manipulated by an attacker. Evidence: 1. Ingestion:pm2 jlistpiped to node. 2. Boundary markers: Absent. 3. Capability inventory:node -eexecution. 4. Sanitization: None documented.
Audit Metadata