host
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the x host command to perform system-level management of host tables.
- [COMMAND_EXECUTION]: Documentation correctly identifies that sudo access is required for host file modifications, ensuring transparent privilege handling.
- [DATA_EXFILTRATION]: The skill accesses the /etc/hosts file to provide lookup and interactive search functionality. This is a sensitive file, but the access is strictly limited to the tool's intended purpose.
- [PROMPT_INJECTION]: The skill processes data from the local /etc/hosts file (SKILL.md) without explicit boundary markers. While this file is a system resource, it serves as an ingestion point for data that could potentially facilitate indirect prompt injection if it contains malicious content designed to influence the agent's file-writing capabilities (x host ed).
Audit Metadata