3dprint-advisor
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/install_klipper_extras.shexecutes shell commands on a remote Klipper printer host using SSH to install various modules and perform system-level updates. - [EXTERNAL_DOWNLOADS]: The
scripts/install_klipper_extras.shscript clones third-party GitHub repositories (such asAnonoei/klipper_auto_speedandkyleisah/Klipper-Adaptive-Meshing-Purging) to the remote printer host and executes installation scripts contained within them. - [COMMAND_EXECUTION]: Multiple scripts, including
scripts/upload_config.shandscripts/install_klipper_extras.sh, utilize the Moonraker API to upload and overwrite the printer's primary configuration files (printer.cfgandmoonraker.conf). - [REMOTE_CODE_EXECUTION]: The
scripts/send_gcode.shscript allows the agent to send arbitrary G-code commands to the printer hardware via the Moonraker API, granting direct control over movements, heaters, and other physical functions. - [COMMAND_EXECUTION]: The
scripts/diagnose.shscript performs an analysis by fetching the full printer configuration and executing a Python-based diagnostic pass on the retrieved content. - [PROMPT_INJECTION]: The skill architecture involves fetching and parsing configuration data from a remote printer, which acts as an ingestion point for potentially untrusted data that could influence agent behavior.
- Ingestion points:
scripts/fetch_klipper_config.sh,scripts/diagnose.sh(readingprinter.cfgvia the Moonraker API). - Boundary markers: None identified in the parsing logic.
- Capability inventory: SSH command execution, G-code execution, and configuration file modification via API uploads.
- Sanitization: No specific sanitization or filtering of configuration file content (such as comments) is performed before processing.
Audit Metadata