skills/sebas-aikon-intelligence/antigravity-awesome-skills/Cloud Penetration Testing/Gen Agent Trust Hub
Cloud Penetration Testing
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Remote Code Execution (CRITICAL): The skill utilizes the
curl | bashpattern to execute a script fromhttps://sdk.cloud.google.com. This method is highly insecure because it fetches and runs code without any integrity verification or version pinning. - External Downloads (HIGH): The execution involves an external domain that is not included in the predefined trusted GitHub organizations or repositories list. Per security policy, such sources are treated as untrusted for direct execution.
- Command Execution (HIGH): The use of piped shell commands facilitates arbitrary system modifications and increases the risk of privilege escalation or environment compromise.
Recommendations
- HIGH: Downloads and executes remote code from: https://sdk.cloud.google.com - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata