healthcheck
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill performs shell execution using `node -e` with unsanitized template variables.
  - Evidence: In SKILL.md, the 'Add Water Record' and 'Update Record' sections place the variable `CUPS` or `NEW_CUPS` directly inside a Node.js one-liner.
  - Risk: If a user provides input like `1); require('child_process').execSync('id'); //`, the underlying command will execute that code instead of simply recording a number.
- [REMOTE_CODE_EXECUTION] (HIGH): Vulnerable to Indirect Prompt Injection through unsafe interpolation.
  - Ingestion points: User input for the number of cups (`CUPS`, `NEW_CUPS`) is processed in SKILL.md.
  - Boundary markers: None. The placeholders are placed directly in the executable string.
  - Capability inventory: Full Node.js environment access, including the file system (`fs`) and potential shell access via `child_process`.
  - Sanitization: Absent. There is no validation to ensure the input is a valid number before it is inserted into the script string.
Recommendations
- AI detected serious security threats
Audit Metadata