runpod
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
Tags: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill reads private SSH keys located at `~/.ssh/runpod_key` and `~/.runpod/ssh/RunPod-Key`.
- [COMMAND_EXECUTION] (HIGH): The `mount_pod.sh` script runs shell commands (`mkdir`, `sshfs`, `runpodctl`) with a user-supplied `pod_id`. Because the value is not validated, a `pod_id` containing `../` can traverse out of the intended mount directory and affect the host filesystem.
- [EXTERNAL_DOWNLOADS] (MEDIUM): Requires installing the `runpodctl` binary from a third-party Homebrew tap (`runpod/runpodctl`) that is not a trusted source.
- [Indirect Prompt Injection] (HIGH): Vulnerability surface identified in `scripts/mount_pod.sh`, where untrusted user input is used directly in privileged operations.
  1. Ingestion points: the `pod_id` argument.
  2. Boundary markers: absent.
  3. Capability inventory: `mkdir`, `sshfs`, `runpodctl`, `mount`.
  4. Sanitization: absent; `pod_id` is not validated before it is used to construct file paths and command arguments.
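As an added illustration of the COMMAND_EXECUTION and Indirect Prompt Injection findings (this is not the skill's own `mount_pod.sh`; the mount-root location, the identifier allowlist and the `mount_pod` wrapper are assumptions made for the example), the following shell snippet shows the traversal the audit describes and the guard a hardened script would place in front of `mkdir`, `sshfs` and `runpodctl`:

```shell
#!/usr/bin/env bash
# Added example, not the runpod skill's mount_pod.sh. MOUNT_ROOT is a hypothetical
# default; the real script's directory layout is not known from the audit.
MOUNT_ROOT="${MOUNT_ROOT:-$HOME/runpod-mounts}"

# The vulnerable pattern described in the audit: pod_id is spliced straight into a
# path. A pod_id of "../../etc" produces "$MOUNT_ROOT/../../etc", and mkdir -p or
# sshfs would operate on that location outside MOUNT_ROOT.
unsafe_mount_point() {
    printf '%s/%s\n' "$MOUNT_ROOT" "$1"
}

# Hardened check: allowlist the characters a pod identifier may contain. The
# pattern is an assumption about RunPod's id format; tighten it to the real one.
validate_pod_id() {
    id="$1"
    [ -n "$id" ] || return 1                 # empty id
    [ "${#id}" -le 64 ] || return 1          # unreasonably long id
    case "$id" in
        *[!A-Za-z0-9_-]*) return 1 ;;        # anything outside the allowlist: no '/', '.', ' ', ';', '$'
        -*) return 1 ;;                      # a leading dash would be parsed as an option by runpodctl/sshfs
    esac
    return 0
}

# Safe path construction: validate first, then confirm the result is a direct
# child of MOUNT_ROOT (defence in depth if the allowlist is later loosened).
safe_mount_point() {
    id="$1"
    validate_pod_id "$id" || return 1
    mp="$MOUNT_ROOT/$id"
    case "$mp" in
        "$MOUNT_ROOT"/*/*) return 1 ;;       # more than one path component below the root
    esac
    printf '%s\n' "$mp"
}

# Where the guard sits relative to the privileged operations. Only the directory
# creation is performed here; the sshfs/runpodctl calls of the real skill are not
# reproduced, and when added they should receive "$id" as a separate argv element
# after '--', never through eval or an unquoted expansion.
mount_pod() {
    id="$1"
    mp="$(safe_mount_point "$id")" || { echo "refusing pod_id: $id" >&2; return 1; }
    mkdir -p -- "$mp"
    printf 'prepared mount point for pod %s at %s\n' "$id" "$mp"
}

if [ $# -gt 0 ]; then
    mount_pod "$1"
fi
```

Run it as `./guard.sh '../../etc'` to see the rejection, or `./guard.sh pod123` to see the mount point created under `MOUNT_ROOT`. The allowlist approach is deliberately stricter than stripping `../`: a denylist can be bypassed with encodings or unexpected separators, whereas rejecting every character that is not part of a legitimate identifier also closes off option injection (a leading `-`) and shell metacharacters in one check.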
Recommendations
- AI detected serious security threats
Audit Metadata