openharmony-build
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): Command injection in
scripts/check_fast_rebuild.sh. TheTIME_WINDOWparameter is passed to afindcommand without validation, allowing arbitrary command execution via-exec.\n- [COMMAND_EXECUTION] (MEDIUM): Path traversal inscripts/analyze_build_error.shandscripts/find_recent_errors.sh. The product name parameter is used to construct file paths without sanitization, allowing access to files outside the build directory.\n- [PROMPT_INJECTION] (HIGH): Vulnerability to Indirect Prompt Injection (Category 8). The skill reads external build logs and returns them to the agent without boundary markers or sanitization. Since the agent using this skill typically has file-write and command-execution capabilities, malicious log entries could manipulate the agent into performing harmful actions.\n - Ingestion points:
out/$PRODUCT/build.loginscripts/analyze_build_error.sh\n - Boundary markers: None\n
- Capability inventory: Subprocess execution (bash), file system access, and expected agent-level write permissions\n
- Sanitization: None
Recommendations
- AI detected serious security threats
Audit Metadata