medium-paywall-bypass
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- Privilege Escalation (HIGH): The skill documentation explicitly recommends using 'dangerouslyDisableSandbox: true' for curl commands when encountering errors. This is a significant security risk as it encourages the removal of isolation boundaries designed to protect the host system from potentially malicious content.
- Indirect Prompt Injection (LOW): The skill fetches article content from third-party mirrors like freedium.cfd. Evidence: (1) Ingestion points: Untrusted external mirror URLs. (2) Boundary markers: Absent. (3) Capability inventory: WebFetch and curl. (4) Sanitization: No validation or cleaning of external content.
- External Downloads (LOW): The skill facilitates connections to various external, non-whitelisted domains for mirror services.
Recommendations
- AI detected serious security threats
Audit Metadata