dev-agent-spawn

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill explicitly configures agents to run with dangerous flags such as --dangerously-skip-permissions and --dangerously-bypass-approvals-and-sandbox, and disables sandboxing settings, which bypasses the agent's internal security guardrails.
  • [COMMAND_EXECUTION]: The main script utilizes AppleScript to automate terminal input, enabling the programmatic execution of arbitrary shell commands in new Ghostty windows, tabs, or splits.
  • [COMMAND_EXECUTION]: The --send command provides a mechanism to inject arbitrary text and keypresses into active terminal sessions via tmux send-keys, allowing for potentially unauthorized command execution.
  • [DATA_EXFILTRATION]: The --peek functionality uses tmux capture-pane to capture and display the content of terminal sessions, which may expose sensitive information, credentials, or private data to the agent or other processes.
  • [EXTERNAL_DOWNLOADS]: The documentation encourages the use of external, unverified scripts (e.g., in ~/.agent-task-queue/scripts/) that are not part of the skill package, creating a dependency on untrusted local code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 15, 2026, 04:14 AM