Skills
skills/plurigrid/asi/whitehole-audio/Gen Agent Trust Hub

whitehole-audio

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill directs the cloning of a repository from an untrusted GitHub account (bmorphism/WhiteHole). This source is not listed in the [TRUST-SCOPE-RULE] whitelist.
  • COMMAND_EXECUTION (HIGH): The instructions include sudo cp -R and sudo launchctl kickstart, which require root privileges. Granting an agent or skill the ability to execute commands with elevated privileges on sensitive system directories (/Library/Audio/Plug-Ins/HAL/) is a high-risk operation.
  • REMOTE_CODE_EXECUTION (HIGH): The sequence of git clone followed by xcodebuild and then sudo installation constitutes a Remote Code Execution (RCE) vector, as the contents of the untrusted repository are compiled and executed with system-level permissions.
  • Persistence Mechanisms (HIGH): Installing a driver into /Library/Audio/Plug-Ins/HAL/ ensures that the code remains active across system reboots, serving as a persistence mechanism.
  • Metadata Poisoning (MEDIUM): The skill uses dense, pseudo-scientific terminology (e.g., "GF(3) Balanced Triad", "Cat# = Comod(P)", "bicomodule") which may serve to obscure the simple functional nature of the script or mislead users/analyzers regarding its true purpose.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:00 PM