cachyos-linux-assistant

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [Command Execution] (HIGH): The skill provides the agent with high-privilege capabilities via sudo to manage packages, services, and system configurations. Although the instructions mandate safety checks and user confirmation, the inherent level of system access is high.
  • [Indirect Prompt Injection] (HIGH): The skill is designed to ingest and process untrusted system data from sources such as journalctl, dmesg, and user-provided error logs (ingestion points). It lacks boundary markers or sanitization protocols for this content. Because the agent possesses system-level execution capabilities, malicious data entries in these logs could potentially influence the agent to suggest or execute unauthorized commands (Category 8).
  • [External Downloads] (MEDIUM): The skill suggests the use of AUR helpers like yay and paru. These tools fetch and execute user-contributed build scripts from the Arch User Repository, which is not verified by official maintainers and represents a risk of unvetted code execution.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 05:11 PM