run-and-triage
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill instructs the agent to execute commands "as-is", which facilitates arbitrary command execution on the host environment. This represents a significant risk if the input is not strictly validated.
- REMOTE_CODE_EXECUTION (MEDIUM): Arbitrary shell execution is a form of remote code execution. This capability is dangerous if the command input can be influenced by untrusted external sources.
- Indirect Prompt Injection (LOW): The skill ingests and summarizes untrusted data from command outputs. 1. Ingestion points: Captured stdout and stderr in workflow. 2. Boundary markers: None. 3. Capability inventory: Full shell access via agent tools. 4. Sanitization: None; commands and outputs are processed without filtering.
Audit Metadata