openhue

Fail

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The installation instructions fetch a binary from a community-maintained GitHub repository (https://github.com/openhue/openhue-cli/releases/latest/download/openhue-linux-amd64) that is not an official source from a well-known technology company.
  • [COMMAND_EXECUTION]: The skill uses 'chmod +x' to make the downloaded third-party binary executable on the local system.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of remote binary code without any integrity checks, such as hash or checksum verification.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads resource names (lights, rooms, scenes) from the local network and uses them as command-line arguments without sanitization.
      * Ingestion points: Resource names fetched from the Hue Bridge via 'openhue get' commands.
      * Boundary markers: No delimiters or protective warnings are used when interpolating these names into set commands.
      * Capability inventory: Execution of the 'openhue' CLI with shell-accessible arguments.
      * Sanitization: No input validation or escaping is applied to the data retrieved from the Hue Bridge before it is passed to the shell.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 4, 2026, 05:51 PM