busybox-on-windows
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The skill instructs the agent to download executable files (.exe) from an untrusted domain (frippery.org) using PowerShell's Invoke-WebRequest command. This source is not on the trusted repository list.
- COMMAND_EXECUTION (HIGH): After downloading, the skill explicitly guides the agent to execute the binary (busybox.exe) and provides instructions on how to use it for various system operations. Executing unverified third-party binaries can lead to arbitrary code execution and full system compromise.
- DATA_EXFILTRATION (LOW): The skill performs network requests to a non-whitelisted external domain to fetch the software components.
- PROMPT_INJECTION (LOW): While no malicious injection is present, the skill relies on the agent following a multi-step sequence that includes downloading and running software, which is a common pattern for gaining control over an agent's execution environment.
Recommendations
- AI detected serious security threats
Audit Metadata