trigger-config
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The documentation includes templates for executing system-level commands, such as using `chmod +x` in custom build extensions and installing arbitrary system packages via the `aptGet` extension.
- REMOTE_CODE_EXECUTION (MEDIUM): The skill facilitates remote code execution by providing instructions for the `pythonExtension`, which allows running local Python scripts and executing arbitrary Python code strings via `python.runInline`.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill provides patterns for downloading and installing external software at build time through `aptGet` and `additionalPackages`, which could be exploited to introduce unverified dependencies.
- DATA_EXFILTRATION (LOW): The `syncEnvVars` and `esbuildPlugin` (Sentry) examples demonstrate how to handle sensitive environment variables and API tokens. While these are standard practices, the capability could be misused to exfiltrate secrets if the agent is prompted to point them to an attacker-controlled endpoint.
Audit Metadata