hytale-plugin-dev
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH | EXTERNAL_DOWNLOADS | REMOTE_CODE_EXECUTION | COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): The skill directs the agent to clone a project template from 'https://github.com/Darkhax-Hytale/HytalePluginTemplate.git'. This source is not on the Trusted External Sources list, posing a risk of downloading untrusted code.
- [REMOTE_CODE_EXECUTION] (HIGH): The skill explicitly suggests that the agent can run 'gradle build' via 'run_command' on the cloned project. Gradle build scripts (build.gradle.kts) can execute arbitrary code; if the untrusted template is malicious, it can achieve RCE during the build process.
- [COMMAND_EXECUTION] (MEDIUM): The skill utilizes system-level commands including 'winget install', 'mvn install', and 'gradle build'. Automated execution of these commands, especially when involving external repositories or local JAR installations, increases the attack surface.
- [INDIRECT_PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to indirect injection from external data.
  - Ingestion points: Project files cloned via Git (SKILL.md Step 3).
  - Boundary markers: Absent. The agent is encouraged to 'automatically detect' and build the project without inspecting the scripts.
  - Capability inventory: Includes 'run_command' which provides access to shell execution.
  - Sanitization: Absent. There is no instruction to validate the integrity or content of the external template before processing.
Recommendations
- AI detected serious security threats