penetration-testing

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The script is vulnerable to command injection through the target IP argument ($1). The input is not sanitized before being used in directory creation and tool execution, which could allow for arbitrary code execution if a malicious string is provided as the target IP.
  • [REMOTE_CODE_EXECUTION] (CRITICAL): Automated scanners detected a remote code execution pattern involving the download and execution of 'linpeas.sh' from GitHub. This script is a known tool for local privilege escalation and represents a critical risk if executed in an untrusted context.
  • [EXTERNAL_DOWNLOADS] (HIGH): The script uses 'apt-get install -y' to dynamically download and install system utilities (e.g., nmap, gobuster, nikto) at runtime. This practice bypasses standard software verification and can introduce malicious dependencies into the host environment.
  • [PRIVILEGE ESCALATION] (HIGH): Execution of the script requires root/sudo privileges to perform package installations via 'apt-get'. This grants the skill the ability to modify the host system's configuration and software, posing a significant security risk.
  • [DATA_EXFILTRATION] (MEDIUM): The tool performs comprehensive reconnaissance on the target, aggregating sensitive data such as service versions, directory listings, and SMB share information into local files. While no direct network exfiltration was found, this data collection is a prerequisite for exfiltration and attack progression.
Recommendations
  • HIGH: Downloads and executes remote code from: https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh - DO NOT USE without thorough review
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:49 PM