process-watch
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (CREDENTIALS_UNSAFE, COMMAND_EXECUTION, NO_CODE)
Full Analysis
- CREDENTIALS_UNSAFE (HIGH): The 'info' command explicitly claims to display the environment of a process. Environment variables are a common repository for API keys, database credentials, and other sensitive secrets, making this a high-risk data exposure vector.
- COMMAND_EXECUTION (HIGH): The skill provides a 'kill' command, granting the agent the ability to terminate system processes. This destructive capability could be misused to cause a denial of service or stop security/monitoring software.
- INDIRECT PROMPT INJECTION (HIGH): The skill ingests untrusted system data (process names, environment variables, port descriptions) and possesses high-tier capabilities (process termination). This creates an attack surface where a malicious local process could use a crafted name or environment string to influence agent behavior. Ingestion Point: System process table and network metadata; Capability: Process termination and system state modification; Sanitization: Unverifiable as code is missing.
- NO_CODE (INFO): The provided files consist solely of documentation and metadata. The absence of the actual 'process-watch' implementation (Python scripts or binaries) prevents a technical audit of sanitization practices, shell escaping, or network safety.
Recommendations
- AI detected serious security threats