Skills
skills/therainstorm/my-agent-skills/qb-downloader/Gen Agent Trust Hub

qb-downloader

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl to interact with an internal qBittorrent API. It constructs these commands by interpolating variables like magnet links and categories directly into the shell environment.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted information (seed titles and descriptions) from public BT/PT websites.
  • Ingestion points: Data retrieved from https://www.tjupt.org and https://share.dmhy.org during search operations (SKILL.md).
  • Boundary markers: There are no instructions or delimiters to the agent to treat external site content as non-executable data.
  • Capability inventory: The agent can execute network requests to a local service (http://docker.op1:9090) using shell commands as defined in SKILL.md.
  • Sanitization: No sanitization or validation of external input is mentioned before its use in shell commands or prompt context.
  • [EXTERNAL_DOWNLOADS]: The skill initiates network requests to external domains (tjupt.org, dmhy.org) and an internal network address (http://docker.op1:9090) to perform its intended tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 09:59 AM