upload-and-share
Fail
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: HIGH
DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (HIGH): The skill is designed to send local file content to 'agentupload.dev'. Because it lacks restrictions on which files can be targeted, it could be used to exfiltrate sensitive information like SSH keys, credentials, or environment files.
- [COMMAND_EXECUTION] (HIGH): The skill instructs the agent to use 'curl' with absolute file paths to perform uploads. This grants the agent broad filesystem access and the ability to transmit that data over the network.
- [EXTERNAL_DOWNLOADS] (LOW): The skill interacts with a non-whitelisted domain ('agentupload.dev'), which is a necessary part of its primary function but remains a point of external data transfer.
- [PROMPT_INJECTION] (LOW): A vulnerability surface for indirect injection was identified: (1) Ingestion points: local files (SKILL.md); (2) Boundary markers: absent; (3) Capability inventory: curl, mcp__x402__fetch (SKILL.md); (4) Sanitization: absent. An attacker could place malicious instructions inside a file to redirect the agent's upload behavior.
Recommendations
- AI detected serious security threats