server
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMDATA_EXFILTRATION
Full Analysis
- [Data Exposure] (MEDIUM): The server is configured with
static_root=".". This causes the server to expose the entire current working directory over the network. If the agent runs this skill in a directory containing sensitive information (e.g., .env files, private keys, or configuration files), that data could be exfiltrated. - [Network Security] (LOW): The configuration uses
cors="*", allowing any origin to make requests to the server. This is an insecure default that increases the risk of cross-site attacks against the local service. - [Indirect Prompt Injection] (LOW): The skill establishes multiple data ingestion points through event handlers like
UPLOADandCAMERA_MOVE. Evidence: 1. Ingestion points:UPLOADevent handler in SKILL.md. 2. Boundary markers: None present. 3. Capability inventory: File serving and event processing. 4. Sanitization: No sanitization logic is present in the provided snippets.
Audit Metadata