wireguard
Fail
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill facilitates the installation of Pi-hole by downloading and executing a script from 'https://install.pi-hole.net' via bash. This is the standard installation path for this well-known service.
- [COMMAND_EXECUTION]: Deployment involves root-level configuration of network interfaces, kernel parameters through 'sysctl', and firewall rules via 'iptables' and 'ufw'. These operations are essential for VPN functionality but require broad system permissions.
- [EXTERNAL_DOWNLOADS]: The skill installs necessary system packages using 'apt' and retrieves the Pi-hole installer from its official domain.
- [PROMPT_INJECTION]: The 'add-peer.sh' script accepts a peer name as an argument and incorporates it into file paths and configuration files without sanitization. This provides a surface for indirect prompt injection that could lead to path traversal or unintended configuration modifications. Ingestion points: Peer name argument in add-peer.sh. Boundary markers: Absent. Capability inventory: Writes to system configuration and user directories. Sanitization: Absent.
Recommendations
- HIGH: Downloads and executes remote code from: https://install.pi-hole.net - DO NOT USE without thorough review
Audit Metadata