atlas-argos

clawhub:atlas-argos

View source

75/100

First Seen

Feb 19, 2026

Last Scanned

Feb 22, 2026

Findings

Score

75/100

CRITICAL 1

LOW 2

Findings (3)

CRITICAL

Fake system prompt PROMPT_INJECTION_010

prompt-injection L10

Detects content pretending to be a system prompt

SYSTEM PROMPT:

FIX

Remove encoded or obfuscated directives (base64, ROT13, unicode escapes, hex-encoded text). All text should be in plaintext and human-readable.

FP?

Likely FP if the encoded content is legitimate data (e.g., a base64-encoded image, a hex-encoded binary hash) rather than concealed directives.

LOW

pip install arbitrary package EXTDL_009

external-download L185

Detects pip install of arbitrary packages that modify the host environment

pip install tw

FIX

Pin all pip packages to exact versions (e.g., pip install package==1.2.3). Use a requirements.txt or pyproject.toml with pinned versions and hash verification.

FP?

Likely FP if the match is in documentation showing how to install the skill's own PyPI package.

LOW

Cron or scheduled command execution CMDEXEC_011

command-execution L457

Detects cron jobs or scheduled tasks that execute commands

crontab: 0 8 * * * ~/atlas_report.sh

FIX

Validate cron expressions and scheduled commands against an allowlist. Ensure scheduled tasks cannot be modified by untrusted input and log all cron job changes.

FP?

Likely FP if the match is a documentation reference to crontab syntax or a short mention of cron in a description of scheduling concepts.