agent-defibrillator

Fail

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill encourages the use of a 'curl | bash' pattern for installation, which fetches and executes unverified code from a remote source directly in the shell.
  • [EXTERNAL_DOWNLOADS]: The installation script (install.sh) downloads the main logic script (defibrillator.sh) from a personal GitHub repository (hazy2go) during execution, which is not a trusted vendor source.
  • [COMMAND_EXECUTION]: The skill installs a persistent background service using macOS launchd (creating a .plist in ~/Library/LaunchAgents), allowing code to run automatically and periodically without direct user action.
  • [COMMAND_EXECUTION]: The watchdog script uses powerful system-level commands, including 'kill -9' to terminate processes and 'launchctl bootstrap' to modify system services.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/hazy2go/agent-defibrillator/main/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Mar 5, 2026, 05:49 PM