skills/seqis/openclaw-skills-converted-from-claude-code/agent-automation-scripter/Gen Agent Trust Hub
agent-automation-scripter
Warn
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to generate and execute complex shell and Python scripts for system-level automation.
- [COMMAND_EXECUTION]: Instructions provide templates for creating persistent background tasks using
systemdtimers andcronjobs, which involve modifying system configuration and maintaining execution across sessions. - [COMMAND_EXECUTION]: The debugging section explicitly recommends using
sudo -u userfor manual verification of scripts, which facilitates privilege escalation within the environment. - [DATA_EXFILTRATION]: The skill mentions using network-capable tools such as
curlfor Slack notifications andsendmailfor email alerts, creating potential pathways for data to leave the system. - [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it translates user-provided task requirements into executable code.
- Ingestion points: User-provided task descriptions and automation requirements processed according to the instructions in
SKILL.md. - Boundary markers: None identified; the skill lacks specific delimiters or instructions to disregard embedded commands in the processed data.
- Capability inventory: The agent is equipped with
Bash,Python,Write,Edit,systemctl,cron,curl, andsudocapabilities. - Sanitization: There are no documented procedures for sanitizing or validating user-provided task inputs before they are incorporated into generated scripts.
Audit Metadata