openscad

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The script tools/render-with-params.sh is vulnerable to command injection because it interpolates a shell variable directly into a Python command string.
  • Evidence: In tools/render-with-params.sh (line 44), the script executes python3 -c "... open('$PARAMS_FILE') as f: ...". Because $PARAMS_FILE is inside a double-quoted Bash string, the shell expands it before passing the argument to Python, so the filename becomes part of the Python source rather than data. A filename containing a single quote followed by Python commands closes the string literal, and the rest is executed as code.
  • [REMOTE_CODE_EXECUTION] (HIGH): The command injection vulnerability in the rendering tool allows for arbitrary code execution in the context of the user running the agent.
  • [SAFE] (INFO): The extract-params.sh script correctly handles input by passing the filename as a command-line argument (sys.argv[1]) rather than interpolating it into the code string.
  • [SAFE] (INFO): The skill instructions and other utility scripts do not contain malicious patterns and appear to serve their stated purpose of CAD model management.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 06:16 PM