agent-guard
agent-guard · v · by
59.3
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 0.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 0.0 | 15% |
| Clickfix | 65.0 | 15% |
| Credential | 100.0 | 15% |
| Twostage | 100.0 | 10% |
| Infrastructure | 100.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 10.6 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 0
[CRITICAL] Remote code download and execution via curl pipe
(line 90)
Detects attempts to execute system commands: shell pipes (`curl | bash`, `wget | sh`), destructive commands (`rm -rf`, `
[HIGH] Prompt injection or system override attempt
(line 96)
Detects direct injection phrases ("ignore previous instructions", "forget everything", "you are now a..."), indirect inj
[HIGH] Prompt injection or system override attempt
(line 123)
- **English-centric**: Most patterns target English-language injection. Multi-language coverage exists for "ignore previ
[HIGH] Shell command execution
(line 90)
Detects attempts to execute system commands: shell pipes (`curl | bash`, `wget | sh`), destructive commands (`rm -rf`, `
[CRITICAL] Remote script download piped to shell execution
(line 90)
Detects attempts to execute system commands: shell pipes (`curl | bash`, `wget | sh`), destructive commands (`rm -rf`, `
[MEDIUM] Cron job installation or modification
(line 106)
Detects writes to sensitive dotfiles (`.bashrc`, `.ssh/authorized_keys`), writes to system files (`/etc/passwd`, `/etc/s
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 0
[CRITICAL] Classic prompt injection: ignore previous instructions
(line 96)
Detects direct injection phrases ("ignore previous instructions", "forget everything", "you are now a..."), indirect inj
[CRITICAL] Classic prompt injection: ignore previous instructions
(line 123)
- **English-centric**: Most patterns target English-language injection. Multi-language coverage exists for "ignore previ
[HIGH] Hidden HTML comment containing suspicious instructions
(line 96)
<!-- ignore above -->
[HIGH] Content contains alarming words not in description: override
CLICKFIX — Score: 65
[CRITICAL] Instructs user to pipe downloaded content to shell
(line 90)
Detects attempts to execute system commands: shell pipes (`curl | bash`, `wget | sh`), destructive commands (`rm -rf`, `
INFRASTRUCTURE — Score: 100
No findings.
TWOSTAGE — Score: 100
No findings.
CREDENTIAL — Score: 100
No findings.
TYPOSQUAT — Score: 100
No findings.