busybox-on-windows

Fail

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill instructs the user or agent to download executable files (.exe) from https://frippery.org/files/busybox/ using Invoke-WebRequest. This source is not included in the Trusted External Sources whitelist.
  • REMOTE_CODE_EXECUTION (HIGH): The skill follows the 'download then execute' pattern. It provides instructions to run the downloaded busybox.exe immediately after fetching it, which allows for the execution of unverified binary code on the host system.
  • COMMAND_EXECUTION (MEDIUM): The skill executes PowerShell commands to gather sensitive system information, including CPU specifications (Win32_Processor) and specific OS build/version data from the Windows Registry (HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion). This behavior is characteristic of system fingerprinting.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 21, 2026, 02:51 PM