matlab
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [Indirect Prompt Injection] (HIGH): In 'references/executing-scripts.md', the skill demonstrates unsafe interpolation of shell variables into executable command strings (e.g., 'matlab -batch "myfunc(${NAME})"'). Ingestion points: Shell variables in Bash runner scripts. Boundary markers: None. Capability inventory: Subprocess execution and code evaluation via 'matlab -batch' and 'octave --eval'. Sanitization: None provided in documentation examples.
- [Unverifiable Dependencies & Remote Code Execution] (HIGH): In 'references/octave-compatibility.md', the documentation includes instructions for installing packages from arbitrary remote URLs ('pkg install "http://..."'), facilitating the execution of unverified code from untrusted sources.
- [Dynamic Execution] (MEDIUM): The skill extensively documents the use of dynamic execution functions such as 'pyrun', 'pyrunfile', and '--eval', which increases the attack surface for arbitrary code execution if the agent processes untrusted inputs.
- [Data Exposure & Exfiltration] (LOW): Examples in 'references/python-integration.md' illustrate the use of Python's 'requests' library within the MATLAB environment to make outbound HTTP requests, posing a risk of exfiltration if combined with sensitive data access.
Recommendations
- AI detected serious security threats