windows-vm
Fail
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: Hardcoded passwords are used in cleartext within environment variables and sshpass commands, exposing credentials in system logs and process lists.
- [COMMAND_EXECUTION]: The skill instructs the agent to run sudo apt install, granting it high-privilege access to the host operating system.
- [EXTERNAL_DOWNLOADS]: The skill pulls the dockurr/windows Docker image from an unverified external source. A discrepancy exists between the documented repository (dockur/windows) and the image name used in commands (dockurr/windows), which may indicate a supply chain concern.
- [REMOTE_CODE_EXECUTION]: Configuration scripts are piped directly into the VM's PowerShell over SSH using execution policy bypasses, facilitating dynamic code execution on the guest system.
- [COMMAND_EXECUTION]: Elevated Docker privileges, specifically --cap-add NET_ADMIN and --device /dev/kvm, are used, increasing the risk to the host system if the container is compromised.
Recommendations
- AI detected serious security threats