Skills
skills/xiaotianfotos/skills/dlna/Gen Agent Trust Hub

dlna

Fail

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: CRITICALEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • Remote Code Execution (CRITICAL): The file scripts/setup.sh contains the command curl -LsSf https://astral.sh/uv/install.sh | sh. This pattern is classified as a critical risk because it downloads and immediately executes an external script with shell privileges without verification.
  • Data Exposure (LOW): The file src/dlna/server.py implements a MediaServer using HTTPServer bound to 0.0.0.0. This exposes the contents of the directory being served to any device on the local network. While this is the primary mechanism for DLNA streaming, it requires the agent to be cautious about which directories it shares.
  • Indirect Prompt Injection (LOW): The discovery logic in src/dlna/player.py (specifically the on_response function) ingests device names and model information directly from SSDP network responses. There are no boundary markers or sanitization for this data, which could allow a malicious device on the local network to inject instructions into the agent's context via its name field.
  • False Positive Alert: The automated scan flagged socket.AF as a malicious URL. This is a false positive; the string is part of standard Python socket.AF_INET and socket.AF_DGRAM constants used for network programming in SKILL.md and src/dlna/server.py.
Recommendations
  • HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 23, 2026, 01:20 AM