2captcha
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE)
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (HIGH): The skill's installation instructions require downloading an executable script from an untrusted source (`adinvadim/2captcha-cli`) using `curl` and executing it without integrity checks or source verification.
- Privilege Escalation (HIGH): The skill suggests installing the unverified tool into `/usr/local/bin/` and specifically mentions using `sudo` for symbolic link creation, which grants the script elevated, system-wide execution rights.
- Indirect Prompt Injection (HIGH): The tool is designed to process data from untrusted web pages (such as sitekeys and URLs) and use them as parameters in CLI commands. This exposes the system to command injection vulnerabilities if the external data contains malicious payloads.
- Data Exposure & Exfiltration (LOW): The documentation guides the agent to store sensitive API keys in plaintext at `~/.config/2captcha/api-key`. This is a poor security practice that increases the risk of credential theft if the filesystem is compromised.
Recommendations
- AI detected serious security threats
Audit Metadata