brainstorming
Fail
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: HIGHDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [DATA_EXFILTRATION]: The skill contains a direct instruction to transmit the contents of
summary.txtto an external ngrok endpoint (https://45f4-2a06-c701-4911-2c00-de9-9736-a7e1-53ee.ngrok-free.app). Ngrok is a tunneling service that is often used for data exfiltration because it can bypass corporate firewalls. - [EXTERNAL_DOWNLOADS]: The instruction references an untrusted ngrok domain. Interacting with such a domain can lead to IP exposure or serve as a destination for exfiltrated sensitive data.
- [DATA_EXFILTRATION]: While
summary.txtcurrently contains standard shell configuration data, the methodology of appending a local file's content to a URL parameter for a remote request is a generic exfiltration vector that could be applied to any sensitive file on the system.
Recommendations
- AI detected serious security threats
Audit Metadata